itworks.com Open in urlscan Pro
2606:4700::6812:8b8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://itworks.com/
Effective URL:
https://itworks.com/
Submission Tags: tranco_l324
Submission: On November 17 via api (November 17th 2021, 11:39:00 am UTC) from DE — Scanned from DE

Summary HTTP 156 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 16 domains to perform 156 HTTP transactions. The main IP is 2606:4700::6812:8b8, located in United States and belongs to CLOUDFLARENET, US. The main domain is itworks.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2021. Valid for: a year.

This is the only time itworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 35	2606:4700::68... 2606:4700::6812:8b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.212.136 216.58.212.136	15169 (GOOGLE) (GOOGLE)
1	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2b3::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 8	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
40	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
26	2606:4700::68... 2606:4700::6812:9b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.248.151.210 13.248.151.210	16509 (AMAZON-02) (AMAZON-02)
18	2a04:4e42:400... 2a04:4e42:400::622	54113 (FASTLY) (FASTLY)
2	52.203.83.235 52.203.83.235	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
2	2.16.186.33 2.16.186.33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	54.86.117.43 54.86.117.43	14618 (AMAZON-AES) (AMAZON-AES)
1	52.23.190.53 52.23.190.53	14618 (AMAZON-AES) (AMAZON-AES)
156	21

35 2606:4700::6812:8b8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

itworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2b3::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.75.88.209 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets-us-01.kc-usercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700::6812:9b8 (United States)

ASN13335 (CLOUDFLARENET, US)

services.itworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cmsproxy.itworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.151.210 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a04:4e42:400::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.203.83.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-83-235.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

embed-fastly.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.33 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-33.deploy.static.akamaitechnologies.com

embedwistia-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.86.117.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-117-43.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.23.190.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-190-53.compute-1.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	itworks.com 1 redirects itworks.com services.itworks.com cmsproxy.itworks.com	1 MB
36	kc-usercontent.com assets-us-01.kc-usercontent.com	1 MB
25	wistia.com fast.wistia.com embed-fastly.wistia.com distillery.wistia.com pipedream.wistia.com	521 KB
7	launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com events.launchdarkly.com	5 KB
4	pinterest.de www.pinterest.de	14 KB
4	pinterest.com 1 redirects ct.pinterest.com www.pinterest.com	2 KB
3	google-analytics.com www.google-analytics.com	54 KB
2	akamaihd.net embedwistia-a.akamaihd.net	100 KB
2	pinimg.com s.pinimg.com	19 KB
1	google.de www.google.de	501 B
1	google.com www.google.com	501 B
1	doubleclick.net stats.g.doubleclick.net	439 B
1	googletagmanager.com www.googletagmanager.com	57 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	jquery.com code.jquery.com	29 KB
0	litix.io Failed fg8vvsvnieiv3ej16jby.litix.io Failed
156	16

	Domain	Requested by
36	assets-us-01.kc-usercontent.com
35	itworks.com	1 redirects itworks.com
20	cmsproxy.itworks.com	itworks.com
18	fast.wistia.com	itworks.com fast.wistia.com
6	services.itworks.com	itworks.com
4	distillery.wistia.com	itworks.com
4	www.pinterest.de	s.pinimg.com itworks.com
4	app.launchdarkly.com	itworks.com
3	ct.pinterest.com	s.pinimg.com itworks.com
3	www.google-analytics.com	itworks.com www.google-analytics.com
2	embedwistia-a.akamaihd.net
2	embed-fastly.wistia.com
2	events.launchdarkly.com	itworks.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
1	pipedream.wistia.com	itworks.com
1	www.pinterest.com	1 redirects
1	clientstream.launchdarkly.com	itworks.com
1	www.google.de	itworks.com
1	www.google.com	itworks.com
1	stats.g.doubleclick.net	itworks.com
1	www.googletagmanager.com	itworks.com
1	static.cloudflareinsights.com	itworks.com
1	code.jquery.com	itworks.com
0	fg8vvsvnieiv3ej16jby.litix.io Failed	itworks.com
156	24

This site contains links to these domains. Also see Links.

Domain
itworks.bamboohr.com
myitworksnews.com
lostorderclaim.myitworks.com
www.instagram.com
www.facebook.com
twitter.com
www.pinterest.com

Subject Issuer	Validity	Valid
itworks.com Cloudflare Inc ECC CA-3	`2021-06-06` - `2022-06-05`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
clientstream.launchdarkly.com Amazon	`2021-09-21` - `2022-10-19`	a year	crt.sh
*.kc-usercontent.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
events.launchdarkly.com Amazon	`2021-09-19` - `2022-10-17`	a year	crt.sh
embed-fastly.wistia.com R3	`2021-09-24` - `2021-12-23`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.wistia.com Amazon	`2021-04-01` - `2022-04-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://itworks.com/
Frame ID: 2CA8B70CA1A3CAA75FD05141970A372C
Requests: 135 HTTP requests in this frame

Frame: https://www.pinterest.de/ct.html
Frame ID: BD60EF605A22C53D335C47E82AB79982
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

It Works!

Page URL History Show full URLs

http://itworks.com/ HTTP 301
https://itworks.com/ Page URL

Page Statistics

156
Requests

95 %
HTTPS

50 %
IPv6

16
Domains

24
Subdomains

21
IPs

4
Countries

3747 kB
Transfer

8248 kB
Size

10
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://itworks.bamboohr.com/jobs/
Title: Careers

Search URL Search Domain Scan URL

URL: https://myitworksnews.com/2021/Documents/product-catalog-2021-us-en.pdf
Title: Product Catalog

Search URL Search Domain Scan URL

URL: https://lostorderclaim.myitworks.com/
Title: Lost Order Claim Form

Search URL Search Domain Scan URL

URL: https://myitworksnews.com/2021/Documents/IWGBF_CharitableSolicitationDisclosureStatement-72021-ALL%20STATES-l.pdf
Title: Charitable Solicitation Disclosure Statement

Search URL Search Domain Scan URL

URL: https://www.instagram.com/itworkshq

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheOfficialItWorks/

Search URL Search Domain Scan URL

URL: https://twitter.com/itworksglobal

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/itworksglobal/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://itworks.com/ HTTP 301
https://itworks.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://www.pinterest.com/ct.html HTTP 302
https://www.pinterest.de/ct.html

156 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
itworks.com/
Redirect Chain

http://itworks.com/
https://itworks.com/

3 KB
2 KB

492ms
474ms

Document
text/html

2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a837cfe71067facdad8ab08e90b5b18a6df6c1a1ec2b2a96a1ce92e36224ccf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 17 Nov 2021 11:38:50 GMT
content-type: text/html; charset=UTF-8
cf-ray: 6af8accc1caa4a62-FRA
cache-control: public, max-age=0
last-modified: Mon, 15 Nov 2021 17:58:18 GMT
strict-transport-security: max-age=0; includeSubDomains
vary: Origin, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Wed, 17 Nov 2021 11:38:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 17 Nov 2021 12:38:49 GMT
Location: https://itworks.com/
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 6af8accbdde35b80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 50ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: itworks.com
URL: https://itworks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer: https://itworks.com/
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:50 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 17:24:41 GMT
server: nginx
etag: W/"573f4859-14e4a"
vary: Accept-Encoding
x-hw: 1637149130.dop154.am5.t,1637149130.cds224.am5.hn,1637149130.cds147.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29811

GET
H2 200 styles.a63eeec8efae808c372e.css
itworks.com/portal/ 392 KB
55 KB 516ms
515ms Stylesheet
text/css 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8c6c6e189ee7c1385a7b37f94b00eb97079d5f7b20a3432fbabe2992020bfa55

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"61fe2-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/css; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6af8accf3a0a4a62-FRA
expires: Wed, 17 Nov 2021 15:38:50 GMT

GET
H2 200 api.js Show response
itworks.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 12ms
11ms Script
text/javascript 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/javascript
vary: Accept-Encoding
cache-control: max-age=604800, public
cf-ray: 6af8accf3a0d4a62-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 runtime.6e405a4b9672392645e7.js Show response
itworks.com/portal/ 2 KB
2 KB 422ms
420ms Script
application/javascript 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/runtime.6e405a4b9672392645e7.js

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c29f3550bdc9d520a112a8c58812ec9c3a531ae4a102484d67b1e493ab33173f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"9de-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6af8accf3a0e4a62-FRA
expires: Wed, 17 Nov 2021 15:38:50 GMT

GET
H2 200 polyfills.a1ef6e9abea6fe3dfa69.js Show response
itworks.com/portal/ 211 KB
68 KB 596ms
595ms Script
application/javascript 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

7c368916684725c1fc3896361142add25e9a919956ee0df3638491263f56770c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"34ba3-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6af8accf3a0f4a62-FRA
expires: Wed, 17 Nov 2021 15:38:50 GMT

GET
H2 200 main.56b4648807625e8293a6.js Show response
itworks.com/portal/ 2 MB
486 KB 530ms
529ms Script
application/javascript 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/main.56b4648807625e8293a6.js

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b93902cedf73d71ca7065b460432f3b5486475c653f2b3a20c61a4f5d619b0ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"1d258d-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6af8accf3a104a62-FRA
expires: Wed, 17 Nov 2021 15:38:50 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 71ms
46ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: itworks.com
URL: https://itworks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6

Request headers

Referer: https://itworks.com/
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:50 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.10.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6af8accf5aa34333-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 173 KB
57 KB 444ms
57ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c45ad89dd5f3584d28986e653cf6c5cf728a42f373489a442dd40e4e0b956ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57897
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Nov 2021 11:38:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 421ms
36ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2263
date: Wed, 17 Nov 2021 11:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 17 Nov 2021 13:01:07 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 87 KB
34 KB 196ms
48ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-W6242NC&t=gtm4&cid=986216896.1637149131&aip=true

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a943365a2bf02bca25a64fe787eca14400587b110311a43c7948eb8c95fd890c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34942
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Nov 2021 11:38:50 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
831 B 180ms
112ms Script
application/javascript 2a02:26f0:6c00:2b3::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b3::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "95580b4fad0d5513b92f05a5be0d5a38"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
x-fallback: 12468b93-2.16.186.117
accept-ranges: bytes
content-length: 583
access-control-expose-headers: X-CDN

GET
H2 200 main.6ae4a9fc.js Show response
s.pinimg.com/ct/lib/ 54 KB
19 KB 104ms
104ms Script
application/javascript 2a02:26f0:6c00:2b3::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b3::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "9850391ff02e4a98b00efa3acfbbbb10"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
x-fallback: 12468c2b-2.16.186.117
accept-ranges: bytes
content-length: 18814
access-control-expose-headers: X-CDN

GET
H2 200 / Show response
ct.pinterest.com/user/ 503 B
836 B 98ms
45ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613337209289&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1637149130950

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

1449fd02aec88654060c9445737b5dd4611ac80ad2c216c53a6ae3136e1c5605

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.976656b8.1637149131.1ca01915
x-envoy-upstream-service-time: 1
x-pinterest-rid: 2290360978798373
pin-unauth: dWlkPU16a3lNMk5sWVRjdE5HWm1NUzAwWlRBNUxUaGlNV1l0WTJVNU1HVTBOVFEyT0RJNA
access-control-allow-origin: https://itworks.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 356
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 97ms
46ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613337209289&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fitworks.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%226ae4a9fc%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1637149130951

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 11:38:51 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.976656b8.1637149131.1ca01918
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1043373853749826
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 Barlow-Regular.woff2
itworks.com/portal/ 38 KB
39 KB 525ms
525ms Font
font/woff2 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/Barlow-Regular.woff2

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6ffeaaa572003a081288376e3c9d9cde1fe39693ac7323295495345a605708fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39292
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"997c-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: font/woff2
access-control-allow-origin: https://itworks.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6af8acd4de65dfb7-FRA
expires: Wed, 17 Nov 2021 15:38:51 GMT

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
273 B 86ms
68ms XHR
text/plain 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/md/

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 11:38:51 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.976656b8.1637149131.1ca01a2d
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1079101420927006
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 44ms
44ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1909758034&t=pageview&_s=1&dl=https%3A%2F%2Fitworks.com%2F&ul=en-us&de=UTF-8&dt=It%20Works!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADUAAAAC~&jid=475875864&gjid=791628786&cid=986216896.1637149131&tid=UA-34387203-12&_gid=1654163283.1637149131&_r=1&gtm=2wgba1P7PTLMD&z=1489130392

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 11:38:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://itworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-34387203-12&cid=986216896.1637149131&jid=475875864&gjid=791628786&_gid=1654163283.1637149131&_u=aGDAAEACUAAAAC~&z=1457748170

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 17 Nov 2021 11:38:51 GMT
content-type: text/plain
access-control-allow-origin: https://itworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 308ms
63ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-34387203-12&cid=986216896.1637149131&jid=475875864&_u=aGDAAEACUAAAAC~&z=1236017760

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 11:38:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 429ms
63ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-34387203-12&cid=986216896.1637149131&jid=475875864&_u=aGDAAEACUAAAAC~&z=1236017760

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 11:38:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 eyJrZXkiOiJVUy1lbi1SQy0wNiJ9
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/users/ Frame 0
0 39ms
11ms Preflight 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/users/eyJrZXkiOiJVUy1lbi1SQy0wNiJ9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-launchdarkly-user-agent
Origin: https://itworks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
allow: GET, OPTIONS, HEAD
content-encoding: gzip
ld-region: us-east-1
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Wed, 17 Nov 2021 11:38:51 GMT
via: 1.1 varnish
x-served-by: cache-hhn4081-HHN
x-cache: HIT
x-cache-hits: 1
x-timer: S1637149132.584454,VS0,VE1
vary: Accept-Encoding
age: 0
content-length: 23

OPTIONS
H2 200 5bb3bd847387e1367e01ff04
app.launchdarkly.com/sdk/goals/ Frame 0
0 39ms
11ms Preflight 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-launchdarkly-user-agent
Origin: https://itworks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
allow: GET, OPTIONS, HEAD
content-encoding: gzip
ld-region: us-east-1
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Wed, 17 Nov 2021 11:38:51 GMT
via: 1.1 varnish
x-served-by: cache-hhn4081-HHN
x-cache: HIT
x-cache-hits: 1
x-timer: S1637149132.584521,VS0,VE1
vary: Accept-Encoding
age: 0
content-length: 23

GET
H3 200 level Show response
itworks.com/api/log/ 20 B
426 B 453ms
453ms XHR
application/json 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/api/log/level

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2669d1dc0fcc15296e89d94dc45f818b2b680d2954c378fd250b1ba7e8f92377

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:51 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 6af8acd82acadfb7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20
etag: W/"14-ycAJUHiRugLG6WF80DxzXo20+wI"
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864

GET
H3 200 trace Show response
itworks.com/cdn-cgi/ 279 B
359 B 9ms
9ms XHR
text/plain 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/cdn-cgi/trace

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04884b6d1580dad38327db8c260d55114503f8aef7f03618ea66f45fd4e5f69c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 6af8acd82acedfb7-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 countries Show response
services.itworks.com/countries/v1/ 3 KB
997 B 540ms
511ms XHR
application/json 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.itworks.com/countries/v1/countries

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba456919b89dda7736673879fe55e125da4fa378f17efb0138826072444b8b85

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

messageid: 86379141-173f-4b42-bef6-457be964c6ac
date: Wed, 17 Nov 2021 11:38:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:fa41b682-298b-4f3b-b624-22f1096f96c1
xbypasstokenvalidation: S:True
last-modified: Wed, 17 Nov 2021 10:12:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 6af8acd858bbc2c2-FRA
expires: Wed, 17 Nov 2021 15:38:52 GMT

GET
H2 200 eyJrZXkiOiJVUy1lbi1SQy0wNiJ9 Show response
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/users/ 32 KB
5 KB 8ms
7ms XHR
application/json 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/users/eyJrZXkiOiJVUy1lbi1SQy0wNiJ9
Requested by: Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e4dfc7bcdaf19260c488bd1f5c7787e3915ade82c2c04e0bab89cb795da92485

Request headers

Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.7.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:51 GMT
content-encoding: gzip
vary: Authorization, Accept-Encoding
age: 0
x-cache: HIT
content-length: 4450
x-served-by: cache-hhn4081-HHN
access-control-allow-origin: *
x-timer: S1637149132.594446,VS0,VE1
etag: "2312dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 1

GET
H2 200 5bb3bd847387e1367e01ff04 Show response
app.launchdarkly.com/sdk/goals/ 2 B
156 B 8ms
8ms XHR
application/json 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.7.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
access-control-max-age: 300
date: Wed, 17 Nov 2021 11:38:51 GMT
content-length: 26
x-served-by: cache-hhn4081-HHN
access-control-allow-origin: *
ld-region: us-east-1
x-timer: S1637149132.594398,VS0,VE1
etag: "d751713988987e9331980363e24189ce"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits: 1

GET
H2 200 eyJrZXkiOiJVUy1lbi1SQy0wNiJ9
clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/ 32 KB
0 147ms
68ms EventSource
text/event-stream 13.248.151.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/eyJrZXkiOiJVUy1lbi1SQy0wNiJ9

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.151.210 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:51 GMT
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

POST
H3 200 log Show response
itworks.com/api/ 0
412 B 401ms
401ms XHR
text/plain 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/api/log

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 17 Nov 2021 11:38:52 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=0; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-origin: https://itworks.com
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
cf-ray: 6af8acd89b6edfb7-FRA

GET
H3 200 bag Show response
itworks.com/ajax/ 1 KB
1 KB 948ms
948ms XHR
application/json 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/ajax/bag

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6eab0df637380c00ff704a0ce4500bdf795235c9884828a245550df65845aaa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-iwgtime: 11/17/2021 5:36:28 AM
pragma: no-cache
date: Wed, 17 Nov 2021 11:38:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/json; Charset=utf-8
vary: Accept-Encoding
cache-control: no-store,no-cache
cf-ray: 6af8acd89b6fdfb7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 16 Nov 2021 11:36:28 GMT

POST
H3 204 result Show response
itworks.com/cdn-cgi/bm/cv/ 0
480 B 10ms
10ms XHR
text/plain 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/cdn-cgi/bm/cv/result?req_id=6af8accc1caa4a62

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
date: Wed, 17 Nov 2021 11:38:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-ray: 6af8acd8bb93dfb7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 log Show response
itworks.com/api/ 0
412 B 449ms
449ms XHR
text/plain 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/api/log

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 17 Nov 2021 11:38:52 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=0; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-origin: https://itworks.com
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
cf-ray: 6af8acd94c43dfb7-FRA

GET
H2

200

ct.html Show response
www.pinterest.de/ Frame BD60
Redirect Chain

https://www.pinterest.com/ct.html
https://www.pinterest.de/ct.html

413 B
4 KB

481ms
480ms

Document
text/html

104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

a9ad0672070e2f26c3020e73e61bd3cd5933f212e5b3415c437e812ad8a48c7c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-58bcf28fa27695f7df12183f9f987a13' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=2424330205674097; frame-ancestors *
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-58bcf28fa27695f7df12183f9f987a13' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=2424330205674097; frame-ancestors *
content-security-policy-report-only: script-src 'nonce-58bcf28fa27695f7df12183f9f987a13' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
link: <https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 99
pinterest-generated-by: coreapp-webapp-prod-0a03cf45
content-encoding: gzip
pinterest-version: 09a6c1b
referrer-policy: origin
x-pinterest-rid: 2424330205674097
date: Wed, 17 Nov 2021 11:38:52 GMT
content-length: 280
akamai-grn: 0.976656b8.1637149132.1ca026de
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location: https://www.pinterest.de/ct.html
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 118
pinterest-generated-by: coreapp-webapp-prod-0a0114a5
content-encoding: gzip
pinterest-version: 09a6c1b
referrer-policy: origin
x-pinterest-rid: 2278223049543975
date: Wed, 17 Nov 2021 11:38:52 GMT
akamai-grn: 0.976656b8.1637149131.1ca02401
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

POST
H3 200 rum Show response
itworks.com/cdn-cgi/ 0
163 B 14ms
14ms XHR
text/plain 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/cdn-cgi/rum?

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: application/json

Response headers

date: Wed, 17 Nov 2021 11:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://itworks.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6af8acd9ed21dfb7-FRA
vary: Origin

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame BD60 0
3 KB 151ms
150ms Other
text/plain 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?rid=2424330205674097

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-3f4c38919a60776be7c7804bf385bb5f' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=2581609813066210; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-3f4c38919a60776be7c7804bf385bb5f' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=2581609813066210; frame-ancestors 'self'
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.976656b8.1637149132.1ca02d98
content-security-policy-report-only: script-src 'nonce-3f4c38919a60776be7c7804bf385bb5f' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 31
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 2581609813066210
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 09a6c1b
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Wed, 17 Nov 2021 11:38:52 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a03d85f

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame BD60 0
3 KB 154ms
153ms Other
text/plain 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-26069657379bc447cc0bceaf06886d7a' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1482461068426043; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-26069657379bc447cc0bceaf06886d7a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1482461068426043; frame-ancestors 'self'
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.976656b8.1637149132.1ca02dac
content-security-policy-report-only: script-src 'nonce-26069657379bc447cc0bceaf06886d7a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 27
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 1482461068426043
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 09a6c1b
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Wed, 17 Nov 2021 11:38:52 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a03d85f

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame BD60 0
3 KB 453ms
453ms Other
text/plain 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-0d2fceeffde2dd2607fa3d44fdf719fa' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1197399633254009; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-0d2fceeffde2dd2607fa3d44fdf719fa' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1197399633254009; frame-ancestors 'self'
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.976656b8.1637149132.1ca02dc7
content-security-policy-report-only: script-src 'nonce-0d2fceeffde2dd2607fa3d44fdf719fa' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 27
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 1197399633254009
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 09a6c1b
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Wed, 17 Nov 2021 11:38:52 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a03dca6

GET
H3 200 US Show response
services.itworks.com/countries/v1/countrysettings/ 657 B
869 B 1258ms
1246ms XHR
application/json 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.itworks.com/countries/v1/countrysettings/US

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c05010f3121088314ab8a5e700d4d15b062e8e56859fbbd1a26bb139012d8b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

messageid: d0cadcd9-e656-4398-816f-f73059b9da96
date: Wed, 17 Nov 2021 11:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:fa41b682-298b-4f3b-b624-22f1096f96c1
xbypasstokenvalidation: S:True
last-modified: Wed, 17 Nov 2021 10:21:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 6af8acdeac386987-FRA
expires: Wed, 17 Nov 2021 15:38:53 GMT

GET
H3 200 US Show response
services.itworks.com/countries/v1/countrysettings/ 657 B
906 B 499ms
487ms XHR
application/json 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.itworks.com/countries/v1/countrysettings/US

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c05010f3121088314ab8a5e700d4d15b062e8e56859fbbd1a26bb139012d8b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

messageid: d8975dcd-3d77-43df-bc61-7af340e75581
date: Wed, 17 Nov 2021 11:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:fa41b682-298b-4f3b-b624-22f1096f96c1
xbypasstokenvalidation: S:True
last-modified: Wed, 17 Nov 2021 10:21:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 6af8acdeac3f6987-FRA
expires: Wed, 17 Nov 2021 15:38:53 GMT

OPTIONS
H2 204 site_redirects
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame 0
0 96ms
85ms Preflight 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/site_redirects?depth=99&language=en-US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-kc-sdkid
Origin: https://itworks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
cf-ray: 6af8ace1cca4c2c2-FRA
accept-ranges: bytes
access-control-allow-origin: *
retry-after: 0
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: DYNAMIC
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-max-age: 86400
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: cache-fra19129-FRA
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 site_redirects Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 3 KB
1 KB 78ms
78ms XHR
application/json 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/site_redirects?depth=99&language=en-US

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a57f0c18573247b757bdfb536b18a5e6b4b8db08f9e40df0d488ded705671584

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
X-KC-SDKID: npmjs.com;kentico-cloud-delivery;4.3.0
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-request-charge: 4
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cf-ray: 6af8ace25ce26987-FRA
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 913
x-served-by: cache-fra19152-FRA
expires: Wed, 17 Nov 2021 11:43:53 GMT
last-modified: Wed, 17 Nov 2021 10:31:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-stale-content: 0
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=300
accept-ranges: bytes
content-type: application/json; charset=utf-8
x-cache-hits: 1

OPTIONS
H3 204 items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame 0
0 64ms
63ms Preflight 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=site_wide_static_content&depth=99&language=en-US&limit=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-kc-sdkid
Origin: https://itworks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
cf-ray: 6af8ace2fe6e6987-FRA
accept-ranges: bytes
access-control-allow-origin: *
retry-after: 0
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: DYNAMIC
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-max-age: 86400
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: cache-fra19155-FRA
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 items Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 234 KB
32 KB 83ms
82ms XHR
application/json 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=site_wide_static_content&depth=99&language=en-US&limit=1

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d6a270894e4abe6cceaba893c2881963a5f733b3269fcd1caf529443b1512f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
X-KC-SDKID: npmjs.com;kentico-cloud-delivery;4.3.0
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-request-charge: 102
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cf-ray: 6af8ace35f636987-FRA
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32707
x-served-by: cache-fra19149-FRA
expires: Wed, 17 Nov 2021 11:43:53 GMT
last-modified: Wed, 17 Nov 2021 11:11:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-stale-content: 0
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=300
accept-ranges: bytes
content-type: application/json; charset=utf-8
x-cache-hits: 1

GET
H3 200 items Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 760 KB
168 KB 72ms
71ms XHR
application/json 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?elements.page_url=home&depth=99&language=en-US&limit=1

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d49d151fc7f30fcce3ab830012b69073a6e41b643059a987c582ec9b01f6ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
X-KC-SDKID: npmjs.com;kentico-cloud-delivery;4.3.0
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-request-charge: 364
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cf-ray: 6af8ace4fb176987-FRA
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 171233
x-served-by: cache-fra19183-FRA
expires: Wed, 17 Nov 2021 11:43:53 GMT
last-modified: Wed, 17 Nov 2021 10:31:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-stale-content: 0
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=300
accept-ranges: bytes
content-type: application/json; charset=utf-8
x-cache-hits: 1

GET
H2 200 it-works-logo-no-registered.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/0233bc45-05ef-4b90-9c7f-63c62a82695d/ 5 KB
5 KB 95ms
21ms Image
image/png 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/0233bc45-05ef-4b90-9c7f-63c62a82695d/it-works-logo-no-registered.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c59adfdcbb787e284dd79e5ca3b01762a4c233bfd1c19b6ad285f502c1be97a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-md5: MaWID/qmnvh/L/mNZB4HlQ==
x-timer: S1637149134.641101,VS0,VE1
etag: "YSsFw5d7lZHG/4tvuBOIpfxiAitVKXTUurfN0IKsAEM"
x-served-by: cache-dca17760-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
fastly-io-info: ifsz=8945 idim=493x125 ifmt=png ofsz=4959 odim=493x125 ofmt=png
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
content-type: image/png
content-length: 4959
x-cache-hits: 1, 1

GET
H2 200 icon-instagram.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d233780f-c248-461c-b629-5eb9c8ebbc7b/ 3 KB
3 KB 94ms
21ms Image
image/svg+xml 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d233780f-c248-461c-b629-5eb9c8ebbc7b/icon-instagram.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f7d576a726f89a64a89b6c54f831bb9cc34386a50463fa4727ad54fef691f27c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
last-modified: Mon, 23 Aug 2021 17:46:09 GMT
x-timer: S1637149134.641269,VS0,VE1
etag: 0x8D9665DE3DFE947
x-served-by: cache-dca17748-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
content-length: 2930
x-cache-hits: 1, 1

GET
H2 200 icon-facebook.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b8c0f632-0710-442e-9c9f-8999a7aa577f/ 462 B
587 B 95ms
22ms Image
image/svg+xml 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b8c0f632-0710-442e-9c9f-8999a7aa577f/icon-facebook.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 26d5fa7994fe44ed8f888119edf7eb4d81020c9e551272b84efed081c589abdf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
last-modified: Mon, 23 Aug 2021 17:46:39 GMT
x-timer: S1637149134.641319,VS0,VE1
etag: 0x8D9665DF5FEBF94
x-served-by: cache-dca17776-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
content-length: 462
x-cache-hits: 1, 1

GET
H2 200 icon-twitter.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/7cb964d5-5b55-479c-af58-4d141068036a/ 1 KB
1 KB 94ms
21ms Image
image/svg+xml 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/7cb964d5-5b55-479c-af58-4d141068036a/icon-twitter.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7219e9ed32eee437800314423747edea7a563c6aace19836b5bf15c216a05bf4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
last-modified: Mon, 23 Aug 2021 17:47:10 GMT
x-timer: S1637149134.641167,VS0,VE1
etag: 0x8D9665E08AD22D5
x-served-by: cache-dca17750-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
content-length: 1082
x-cache-hits: 1, 1

GET
H2 200 icon-pinterest.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/978a4099-4548-4f1c-916b-81a9a6197cb6/ 1 KB
1 KB 94ms
21ms Image
image/svg+xml 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/978a4099-4548-4f1c-916b-81a9a6197cb6/icon-pinterest.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 40cc6441f1fbb4912679a0a61b26ae40c751c9a260fac6cf64f8a1308cf0ac15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
last-modified: Mon, 23 Aug 2021 17:47:41 GMT
x-timer: S1637149134.641358,VS0,VE1
etag: 0x8D9665E1AE6B2A6
x-served-by: cache-dca17731-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
content-length: 1193
x-cache-hits: 1, 1

GET
H2 200 36801VALUE-Skinny-Cold-Brew-Set-Listing-Image-1.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cb302bc7-fd67-4358-aa3f-e9cdc710365c/ 17 KB
17 KB 94ms
22ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cb302bc7-fd67-4358-aa3f-e9cdc710365c/36801VALUE-Skinny-Cold-Brew-Set-Listing-Image-1.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 83c1f47df4c68cdbd3e2881746edc07d4df28c6ca72a06f6335361c24f41b9a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
x-timer: S1637149134.641235,VS0,VE1
etag: "u3BDwgpVSiSGmg42RB6kAanyHvxLduXniz6WhkB6n38"
x-cache: HIT, HIT
fastly-io-info: ifsz=85769 idim=350x350 ifmt=jpeg ofsz=17101 odim=350x350 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
x-cache-hits: 1, 1
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 17101
x-served-by: cache-dca17750-DCA, cache-hhn4028-HHN

GET
H2 200 36400-Slimming-Gummies-Product-Image-1.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/f33d2826-a84f-41de-89b5-f1621d4e69ae/ 46 KB
46 KB 33ms
7ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/f33d2826-a84f-41de-89b5-f1621d4e69ae/36400-Slimming-Gummies-Product-Image-1.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 19a54bd285a3700e1fba9412df860d829bccf8c57ba1d50b271726934938a388

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-md5: jUGo/Fx9bduJTJeLaHp8NQ==
x-timer: S1637149134.637878,VS0,VE1
etag: "6C/S++CkzIWyk/RXN9/DZwZ81/q6bpckcttvHzXdUy4"
x-served-by: cache-dca17783-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
fastly-io-info: ifsz=210524 idim=900x900 ifmt=jpeg ofsz=46778 odim=900x900 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 46778
x-cache-hits: 1, 1

GET
H2 200 34900VALUE-Keto-Coffee-Pumpkin-Spice-Pods-Listing-Image.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cf670c09-0730-4de8-8167-d582597f0df7/ 18 KB
18 KB 39ms
13ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cf670c09-0730-4de8-8167-d582597f0df7/34900VALUE-Keto-Coffee-Pumpkin-Spice-Pods-Listing-Image.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8d6c6676b3d5c37802571495d5111ef48dd5ad83049f965aaebb6f3c6a67a7c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
x-timer: S1637149134.638014,VS0,VE1
etag: "uvO4qzIUU6aOAcHCkF1g1za4Uo54oo4UzXGx58rmLxI"
x-cache: HIT, HIT
fastly-io-info: ifsz=87905 idim=350x350 ifmt=jpeg ofsz=17941 odim=350x350 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
x-cache-hits: 1, 1
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 17941
x-served-by: cache-dca17770-DCA, cache-hhn4028-HHN

GET
H2 200 32602-product-image-1.2.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/063423af-4639-41dd-a960-25f3e8098599/ 50 KB
50 KB 10ms
8ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/063423af-4639-41dd-a960-25f3e8098599/32602-product-image-1.2.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 10dfab290668d7ecdbceab8c22eec446f2417db4b6f1ac61c5c96eac69fd6c25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-md5: VwFEa/Sq8FYrSXBwgN/CRA==
x-timer: S1637149134.653009,VS0,VE1
etag: "GqHV1pfoKWIU0IZh4+ckAGUinX8zwvZSeAcxPETskD0"
x-served-by: cache-dca17749-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
fastly-io-info: ifsz=112043 idim=900x900 ifmt=jpeg ofsz=51210 odim=900x900 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 51210
x-cache-hits: 1, 1

GET
H2 200 Product%20FAQ%20Philosophy%20&%20Icons_image.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/043de858-54c8-423a-9766-543fe6cd6aca/ 9 KB
10 KB 40ms
14ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/043de858-54c8-423a-9766-543fe6cd6aca/Product%20FAQ%20Philosophy%20&%20Icons_image.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ad8333e00c20730c78d34f5e484d811bd36f722ec7fc215ee1951b7bca92d082

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
x-timer: S1637149134.638153,VS0,VE1
etag: "RM6yrYa49w5FlmpF8WX2P8KXaw9zx+WyPlk5rhsrmO4"
x-cache: HIT, HIT
fastly-io-info: ifsz=36874 idim=225x280 ifmt=jpeg ofsz=9697 odim=225x280 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
x-cache-hits: 2, 1
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 9697
x-served-by: cache-dca17778-DCA, cache-hhn4028-HHN

GET
H2 200 navigation-product-finder-quiz.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/471a62b3-bece-48b7-a579-8f2a1f34f212/ 12 KB
12 KB 43ms
17ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/471a62b3-bece-48b7-a579-8f2a1f34f212/navigation-product-finder-quiz.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f1622177535e942e41ef3be1f8d5fe4a166c380437a8894a189efac371853981

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-md5: KjBTDqc5SuYFWpIFR+rGVw==
x-timer: S1637149134.638304,VS0,VE1
etag: "vtVeRf6J6xx2DoKsy9kb+3OfMfVrktFW54OW212W/hw"
x-served-by: cache-dca17780-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
fastly-io-info: ifsz=23606 idim=225x280 ifmt=jpeg ofsz=12143 odim=225x280 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 12143
x-cache-hits: 1, 1

GET
H2 200 dr-nassif-nagivation-menu.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5133330f-6efd-4ab0-9100-99a6910170e2/ 12 KB
12 KB 45ms
19ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5133330f-6efd-4ab0-9100-99a6910170e2/dr-nassif-nagivation-menu.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d303990a80759bab04ca9fd056cf9393e66cbdc34cce54fdcc15af6cb9034867

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-md5: SlZ/qQOrdnLFndflvvmAIA==
x-timer: S1637149134.638347,VS0,VE1
etag: "/P5w6ut1FhcO6eUbULrgtFEDzNwQAr8VmTQPfEpuglI"
x-served-by: cache-dca17734-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
fastly-io-info: ifsz=40711 idim=225x280 ifmt=jpeg ofsz=12370 odim=225x280 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 12370
x-cache-hits: 1, 1

GET
H2 200 ImmuneSupport-megamenuthumbnail-confianza-225x280px-01-1.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/07a98146-2ccc-4788-af6d-d0a76fc8fa2b/ 11 KB
11 KB 13ms
10ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/07a98146-2ccc-4788-af6d-d0a76fc8fa2b/ImmuneSupport-megamenuthumbnail-confianza-225x280px-01-1.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6746d92d8028dac085ed74d86a8351a086245f2b70c1f2d8fa141c7a15b0d693

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-md5: 6JcI4rQd20XPdsOx/8vhcQ==
x-timer: S1637149134.653105,VS0,VE1
etag: "Fo5g0+GmYaEj4plYYSlnmP1fQFygfoa9C5sQm+SD+wg"
x-served-by: cache-dca17775-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
fastly-io-info: ifsz=64243 idim=225x280 ifmt=jpeg ofsz=11161 odim=225x280 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 11161
x-cache-hits: 1, 1

GET
H2 200 TFXx-US-0420-megamenu-3.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3ab904fc-e8f2-483d-abf3-2a891135eb43/ 17 KB
17 KB 45ms
19ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3ab904fc-e8f2-483d-abf3-2a891135eb43/TFXx-US-0420-megamenu-3.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f358f0f9c5b5b9b524d5aeffba38e3e552105cb34ac15bbbee0f35b96a4fa186

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-md5: IFF1zzjkXBiuLjm44DUt9A==
x-timer: S1637149134.638349,VS0,VE1
etag: "79RQ/5SPM9t3TnQnoLMg6Y2XNhy0IgF5hDUFPlPaJUE"
x-served-by: cache-dca17756-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
fastly-io-info: ifsz=35944 idim=225x280 ifmt=jpeg ofsz=17428 odim=225x280 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 17428
x-cache-hits: 1, 1

GET
H2 200 navigation-drop-down-thumbnail-keto-tea-skinny-brew.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e3a7eca8-c1a3-467a-83f7-6dd377e460f5/ 12 KB
12 KB 40ms
14ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e3a7eca8-c1a3-467a-83f7-6dd377e460f5/navigation-drop-down-thumbnail-keto-tea-skinny-brew.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e11a8e30f084e4b10f3f78b66bfa7e780f5ac166373e049041810ef717c94fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-md5: z9xeo9gDV2y5DTDSWnGvhQ==
x-timer: S1637149134.638039,VS0,VE1
etag: "KftlCqv+JqXCGsGx7WOoskcu4aUlZXfGH+A0P8OVyPk"
x-served-by: cache-dca17750-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
fastly-io-info: ifsz=67050 idim=225x280 ifmt=jpeg ofsz=11801 odim=225x280 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 11801
x-cache-hits: 2, 1

GET
H2 200 navigation-hair-skin-nails%20(2).jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d94551e8-8e4c-4bcd-93b7-ae1285f06af4/ 18 KB
19 KB 47ms
21ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d94551e8-8e4c-4bcd-93b7-ae1285f06af4/navigation-hair-skin-nails%20(2).jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d0211e0015fe2937e3e65ad2d1278438a16a768a7b8f09cf6205d257494fb2db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-md5: T0z7quuHgmKFoQj3hd/sIA==
x-timer: S1637149134.637771,VS0,VE2
etag: "QONKSEmtYlFhN/ak9/xEdGAnB2ZXx9xkMDmIb+EjhBg"
x-served-by: cache-dca17780-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
fastly-io-info: ifsz=77685 idim=225x280 ifmt=jpeg ofsz=18795 odim=225x280 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 18795
x-cache-hits: 1, 1

GET
H3 200 us.svg
itworks.com/portal/ 4 KB
1 KB 449ms
449ms Image
image/svg+xml 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itworks.com/portal/us.svg

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"116d-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/svg+xml
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6af8ace4dbc1dfb7-FRA
expires: Wed, 17 Nov 2021 15:38:54 GMT

GET
H3 200 ico-search.svg
itworks.com/portal/ 625 B
800 B 462ms
461ms Image
image/svg+xml 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itworks.com/portal/ico-search.svg

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

554a99b5851aef249e71b90594c453f1aa49baadd305ccf057e2686cf8694bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"271-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/svg+xml
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6af8ace4dbc2dfb7-FRA
expires: Wed, 17 Nov 2021 15:38:54 GMT

GET
H3 200 ico-user.svg
itworks.com/portal/ 837 B
916 B 462ms
461ms Image
image/svg+xml 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itworks.com/portal/ico-user.svg

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

fa3d939cc54d19190dcd649af77411ecb671b9511def19acceed663d3c149693

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"345-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/svg+xml
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6af8ace4dbc5dfb7-FRA
expires: Wed, 17 Nov 2021 15:38:54 GMT

GET
H3 200 ico-bag.svg
itworks.com/portal/ 553 B
793 B 439ms
439ms Image
image/svg+xml 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itworks.com/portal/ico-bag.svg

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

3ea09d57427d6da60661646de7b671ab0f7d1a76cf98d1beb72129656122deae

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"229-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/svg+xml
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6af8ace4dbc7dfb7-FRA
expires: Wed, 17 Nov 2021 15:38:54 GMT

GET
H3 200 ico-close-small-white.svg
itworks.com/portal/ 383 B
704 B 425ms
425ms Image
image/svg+xml 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itworks.com/portal/ico-close-small-white.svg

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

557d020af00c516825b46d036cfc6fd60c8174a802a63458c2a63af428014cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"17f-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/svg+xml
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6af8ace4dbc9dfb7-FRA
expires: Wed, 17 Nov 2021 15:38:53 GMT

GET
H3 200 OpenSans-Regular.ttf
itworks.com/portal/ 95 KB
59 KB 528ms
528ms Font
font/ttf 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/OpenSans-Regular.ttf

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"17aa4-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: font/ttf
access-control-allow-origin: https://itworks.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6af8ace4dbcadfb7-FRA
expires: Wed, 17 Nov 2021 15:38:54 GMT

GET
H3 200 loader.svg
itworks.com/portal/ 829 B
868 B 425ms
425ms Image
image/svg+xml 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itworks.com/portal/loader.svg

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

3c09352a88ecf332aef871bfac5b3b54cadbd3c4cc3939dc0e25d7d4e8ce3d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"33d-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/svg+xml
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6af8ace4dbcbdfb7-FRA
expires: Wed, 17 Nov 2021 15:38:53 GMT

GET
H3 200 LibreBaskerville-Bold.ttf
itworks.com/portal/ 152 KB
57 KB 529ms
529ms Font
font/ttf 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/LibreBaskerville-Bold.ttf

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2700373ba54a6e0d5809f41d0fdc599d2efffdc7435e7e6af8ef1bed807f659b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"25f24-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: font/ttf
access-control-allow-origin: https://itworks.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6af8ace4dbcddfb7-FRA
expires: Wed, 17 Nov 2021 15:38:54 GMT

GET
H3 200 Barlow-SemiBold.woff2
itworks.com/portal/ 40 KB
40 KB 530ms
530ms Font
font/woff2 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/Barlow-SemiBold.woff2

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

fbebc879d57a62cbacc7bdb8e072fe9d6eb40f891abce54ac6db2ede231792e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 40572
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"9e7c-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: font/woff2
access-control-allow-origin: https://itworks.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6af8ace4dbcedfb7-FRA
expires: Wed, 17 Nov 2021 15:38:54 GMT

GET
H3 200 OpenSans-Italic.ttf
itworks.com/portal/ 90 KB
56 KB 512ms
512ms Font
font/ttf 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/OpenSans-Italic.ttf

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

df8cd21a27b100aeb75454d0c4cb04bbf5d1cc54676cc35718189bf07b774000

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"16850-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: font/ttf
access-control-allow-origin: https://itworks.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6af8ace4dbcfdfb7-FRA
expires: Wed, 17 Nov 2021 15:38:53 GMT

GET
H3 200 Barlow-Italic.woff2
itworks.com/portal/ 42 KB
43 KB 554ms
553ms Font
font/woff2 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/Barlow-Italic.woff2

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

822eab63a5c7cb3aa8f6d6ad6849486121e07b4e74b58dbb908856332f0e9957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43276
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"a90c-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: font/woff2
access-control-allow-origin: https://itworks.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6af8ace4dbd0dfb7-FRA
expires: Wed, 17 Nov 2021 15:38:54 GMT

GET
H3 200 BarlowSemiCondensed-Bold.woff2
itworks.com/portal/ 41 KB
41 KB 522ms
522ms Font
font/woff2 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/BarlowSemiCondensed-Bold.woff2

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

867924a22e8d0abb0d4195dc594ec5881f0e17a25c551be2d89dcebcd5cb843c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 41480
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"a208-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: font/woff2
access-control-allow-origin: https://itworks.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6af8ace4dbd1dfb7-FRA
expires: Wed, 17 Nov 2021 15:38:54 GMT

GET
H3 200 Barlow-Bold.woff2
itworks.com/portal/ 40 KB
40 KB 514ms
514ms Font
font/woff2 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/Barlow-Bold.woff2

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e23b3f4759539511b3a3b8b26448d60769832ab18c09514501d3dd6741164212

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 40624
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"9eb0-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: font/woff2
access-control-allow-origin: https://itworks.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6af8ace4dbd3dfb7-FRA
expires: Wed, 17 Nov 2021 15:38:53 GMT

OPTIONS
H3 204 items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame 0
0 81ms
80ms Preflight 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?elements.page_url=home&depth=99&language=en-US&limit=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-kc-sdkid
Origin: https://itworks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
cf-ray: 6af8ace479e76987-FRA
accept-ranges: bytes
access-control-allow-origin: *
retry-after: 0
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: DYNAMIC
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-max-age: 86400
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: cache-fra19137-FRA
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

OPTIONS
H3 204 slimming_gummies_homepage_banner
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame 0
0 94ms
93ms Preflight 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/slimming_gummies_homepage_banner?depth=99&language=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-kc-sdkid
Origin: https://itworks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
cf-ray: 6af8ace5bd036987-FRA
accept-ranges: bytes
access-control-allow-origin: *
retry-after: 0
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: DYNAMIC
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-max-age: 86400
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: cache-fra19180-FRA
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

OPTIONS
H3 204 skinny_cold_brew_homepage_banner
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame 0
0 56ms
56ms Preflight 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/skinny_cold_brew_homepage_banner?depth=99&language=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-kc-sdkid
Origin: https://itworks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
cf-ray: 6af8ace5bd086987-FRA
accept-ranges: bytes
access-control-allow-origin: *
retry-after: 0
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: DYNAMIC
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-max-age: 86400
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: cache-fra19132-FRA
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

OPTIONS
H3 204 skincare_clinical_study___serum
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame 0
0 47ms
46ms Preflight 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/skincare_clinical_study___serum?depth=99&language=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-kc-sdkid
Origin: https://itworks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
cf-ray: 6af8ace5bd096987-FRA
accept-ranges: bytes
access-control-allow-origin: *
retry-after: 0
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: DYNAMIC
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-max-age: 86400
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: cache-fra19132-FRA
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

OPTIONS
H3 204 slimming_gummies_homepage_banner
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame 0
0 66ms
65ms Preflight 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/slimming_gummies_homepage_banner?depth=99&language=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-kc-sdkid
Origin: https://itworks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
cf-ray: 6af8ace5bd0a6987-FRA
accept-ranges: bytes
access-control-allow-origin: *
retry-after: 0
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: DYNAMIC
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-max-age: 86400
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: cache-fra19162-FRA
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

OPTIONS
H3 204 skinny_cold_brew_homepage_banner
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame 0
0 72ms
72ms Preflight 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/skinny_cold_brew_homepage_banner?depth=99&language=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-kc-sdkid
Origin: https://itworks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
cf-ray: 6af8ace5bd0b6987-FRA
accept-ranges: bytes
access-control-allow-origin: *
retry-after: 0
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: DYNAMIC
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-max-age: 86400
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: cache-fra19142-FRA
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

OPTIONS
H3 204 skincare_clinical_study___serum
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame 0
0 47ms
46ms Preflight 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/skincare_clinical_study___serum?depth=99&language=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-kc-sdkid
Origin: https://itworks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
cf-ray: 6af8ace5bd0d6987-FRA
accept-ranges: bytes
access-control-allow-origin: *
retry-after: 0
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: DYNAMIC
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-max-age: 86400
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: cache-fra19178-FRA
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

OPTIONS
H3 204 items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame 0
0 80ms
80ms Preflight 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=before_and_after_static_content&depth=99&language=en-US&limit=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-kc-sdkid
Origin: https://itworks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
cf-ray: 6af8ace5ed816987-FRA
accept-ranges: bytes
access-control-allow-origin: *
retry-after: 0
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: DYNAMIC
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-max-age: 86400
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin-when-cross-origin
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: cache-fra19133-FRA
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 slimming_gummies_homepage_banner Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 7 KB
2 KB 53ms
52ms XHR
application/json 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/slimming_gummies_homepage_banner?depth=99&language=en-US

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f4b867a8334abf5c3577e153841ae82c2aacdb9b69fd7b60b24b616a9fec74c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
X-KC-SDKID: npmjs.com;kentico-cloud-delivery;4.3.0
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-request-charge: 2
age: 0
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cf-ray: 6af8ace65ebc6987-FRA
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1861
x-served-by: cache-fra19148-FRA
expires: Wed, 17 Nov 2021 11:43:53 GMT
last-modified: Wed, 17 Nov 2021 11:38:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-stale-content: 0
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=300
accept-ranges: bytes
content-type: application/json; charset=utf-8
x-cache-hits: 1

GET
H3 200 skinny_cold_brew_homepage_banner Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 7 KB
2 KB 73ms
72ms XHR
application/json 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/skinny_cold_brew_homepage_banner?depth=99&language=en-US

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1155ec53c2456145539b88bcb52d8b47e2956dc4b7f327be3db878db1cfa84b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
X-KC-SDKID: npmjs.com;kentico-cloud-delivery;4.3.0
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-request-charge: 2
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cf-ray: 6af8ace61e126987-FRA
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1837
x-served-by: cache-fra19173-FRA
expires: Wed, 17 Nov 2021 11:43:53 GMT
last-modified: Wed, 17 Nov 2021 10:31:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-stale-content: 0
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=300
accept-ranges: bytes
content-type: application/json; charset=utf-8
x-cache-hits: 1

GET
H3 200 skincare_clinical_study___serum Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 7 KB
2 KB 75ms
75ms XHR
application/json 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/skincare_clinical_study___serum?depth=99&language=en-US

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09a7d2e722921211bdda041a8deb4394d8de81dc6dd7e3c0c634b687aa60d8fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
X-KC-SDKID: npmjs.com;kentico-cloud-delivery;4.3.0
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-request-charge: 2
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cf-ray: 6af8ace60dcf6987-FRA
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1872
x-served-by: cache-fra19125-FRA
expires: Wed, 17 Nov 2021 11:43:53 GMT
last-modified: Wed, 17 Nov 2021 10:31:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-stale-content: 0
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=300
accept-ranges: bytes
content-type: application/json; charset=utf-8
x-cache-hits: 1

GET
H3 200 slimming_gummies_homepage_banner Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 7 KB
2 KB 64ms
63ms XHR
application/json 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/slimming_gummies_homepage_banner?depth=99&language=en-US

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f4b867a8334abf5c3577e153841ae82c2aacdb9b69fd7b60b24b616a9fec74c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
X-KC-SDKID: npmjs.com;kentico-cloud-delivery;4.3.0
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-request-charge: 2
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cf-ray: 6af8ace62e4b6987-FRA
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1861
x-served-by: cache-fra19148-FRA
expires: Wed, 17 Nov 2021 11:43:53 GMT
last-modified: Wed, 17 Nov 2021 10:31:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-stale-content: 0
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=300
accept-ranges: bytes
content-type: application/json; charset=utf-8
x-cache-hits: 1

GET
H3 200 skinny_cold_brew_homepage_banner Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 7 KB
2 KB 40ms
40ms XHR
application/json 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/skinny_cold_brew_homepage_banner?depth=99&language=en-US

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1155ec53c2456145539b88bcb52d8b47e2956dc4b7f327be3db878db1cfa84b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
X-KC-SDKID: npmjs.com;kentico-cloud-delivery;4.3.0
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-request-charge: 2
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cf-ray: 6af8ace63e5d6987-FRA
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1837
x-served-by: cache-fra19135-FRA
expires: Wed, 17 Nov 2021 11:43:53 GMT
last-modified: Wed, 17 Nov 2021 10:31:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-stale-content: 0
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=300
accept-ranges: bytes
content-type: application/json; charset=utf-8
x-cache-hits: 1

GET
H3 200 skincare_clinical_study___serum Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 7 KB
2 KB 86ms
86ms XHR
application/json 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/skincare_clinical_study___serum?depth=99&language=en-US

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09a7d2e722921211bdda041a8deb4394d8de81dc6dd7e3c0c634b687aa60d8fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
X-KC-SDKID: npmjs.com;kentico-cloud-delivery;4.3.0
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-request-charge: 2
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cf-ray: 6af8ace60dd16987-FRA
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1872
x-served-by: cache-fra19170-FRA
expires: Wed, 17 Nov 2021 11:43:53 GMT
last-modified: Wed, 17 Nov 2021 10:31:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-stale-content: 0
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=300
accept-ranges: bytes
content-type: application/json; charset=utf-8
x-cache-hits: 1

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 620 KB
118 KB 33ms
7ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: itworks.com
URL: https://itworks.com/portal/main.56b4648807625e8293a6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7a79ccffa1d24a51ffa8647d777970b62387f29ba75dbb027eeaf2d054fe5daf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-encoding: br
vary: Accept-Encoding
age: 913
x-cache: HIT, HIT
content-length: 120185
x-served-by: cache-dca17753-DCA, cache-hhn4022-HHN
access-control-allow-origin: *
x-browser-version: 95
last-modified: Tue, 16 Nov 2021 17:40:15 GMT
x-timer: S1637149134.758307,VS0,VE0
etag: "6193ecff-1d579"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 185, 334

GET
H3 200 items Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 2 KB
1 KB 59ms
58ms XHR
application/json 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=before_and_after_static_content&depth=99&language=en-US&limit=1

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82c19ae9ee2f0c4c8b416027b163458bb687c9700e4158884c208f6aa36d8359

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
X-KC-SDKID: npmjs.com;kentico-cloud-delivery;4.3.0
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-request-charge: 2
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cf-ray: 6af8ace66ef76987-FRA
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 938
x-served-by: cache-fra19178-FRA
expires: Wed, 17 Nov 2021 11:43:53 GMT
last-modified: Wed, 17 Nov 2021 10:31:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-stale-content: 0
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=300
accept-ranges: bytes
content-type: application/json; charset=utf-8
x-cache-hits: 1

GET
H3 200 34800 Show response
services.itworks.com/product/v1/products/ 1 KB
966 B 483ms
483ms XHR
application/json 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.itworks.com/product/v1/products/34800?country=US&language=en&orderType=Shopping&customerType=LC

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

706073cf83266c8aa1875f1c57d1b110153e2f604033ec71c6de73f6112d907e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

messageid: 6dfcebdc-9062-400b-9d36-0e4a152c80b6
date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:d5dba338-86f0-4142-8d0c-eafbe37e6351
xbypasstokenvalidation: S:True
last-modified: Wed, 17 Nov 2021 10:31:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Origin,Accept-Encoding
cache-control: public, s-maxage=300, max-age=30, stale-while-revalidate=15
access-control-allow-credentials: true
cf-ray: 6af8ace60de16987-FRA

GET
H3 200 33502 Show response
services.itworks.com/product/v1/products/ 1 KB
1 KB 499ms
499ms XHR
application/json 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.itworks.com/product/v1/products/33502?country=US&language=en&orderType=Shopping&customerType=LC

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5e621a235d32aa4f4d922ad3e4741ec68fbafc122127ba6fbb5e4c4d9ca68b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

messageid: 21cfb2b0-bccd-42fe-9e5d-9e2427771109
date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:d5dba338-86f0-4142-8d0c-eafbe37e6351
xbypasstokenvalidation: S:True
last-modified: Wed, 17 Nov 2021 10:31:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Origin,Accept-Encoding
cache-control: public, s-maxage=300, max-age=30, stale-while-revalidate=15
access-control-allow-credentials: true
cf-ray: 6af8ace60de46987-FRA

GET
H3 200 34702VALUE Show response
services.itworks.com/product/v1/products/ 2 KB
1 KB 428ms
428ms XHR
application/json 2606:4700::6812:9b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.itworks.com/product/v1/products/34702VALUE?country=US&language=en&orderType=Shopping&customerType=LC

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:9b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47ee0c0d44784b4d14f24d7e0fe844cc409f0a690cc926e8ebaba21713da7108

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

messageid: 672dcd62-a676-49d9-b0c3-5f19feda05f1
date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:d5dba338-86f0-4142-8d0c-eafbe37e6351
xbypasstokenvalidation: S:True
last-modified: Wed, 17 Nov 2021 10:31:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Origin,Accept-Encoding
cache-control: public, s-maxage=300, max-age=30, stale-while-revalidate=15
access-control-allow-credentials: true
cf-ray: 6af8ace60de96987-FRA

GET
H2 200 33402-listing-image-2.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/f0c32f90-b7b3-45fd-a8de-fec7babd1226/ 14 KB
15 KB 9ms
7ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/f0c32f90-b7b3-45fd-a8de-fec7babd1226/33402-listing-image-2.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bd7a486362a1cd2f72a7d806da505186aabb5285b980c0c23f6ed36e8c3943db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-md5: HlqejACYeqOZ/ywKXzwkvw==
x-timer: S1637149134.785945,VS0,VE1
etag: "OKmCUYLiWoThS2pwCgbGAGxwih3YyLn6dsA9JzBE9QQ"
x-served-by: cache-dca17771-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
fastly-io-info: ifsz=73257 idim=350x350 ifmt=jpeg ofsz=14682 odim=350x350 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 14682
x-cache-hits: 1, 1

GET
H2 200 35500-product-image-1.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/69125dca-1441-47b8-bea4-1218629ece19/ 49 KB
49 KB 10ms
8ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/69125dca-1441-47b8-bea4-1218629ece19/35500-product-image-1.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fb44f5fdd8085bddf74fe1355b7008c8f51ec40436a7cd0231fb0ec09466a635

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-md5: HkPHDKOeB6lpDpguLnMwRw==
x-timer: S1637149134.786128,VS0,VE1
etag: "tBapYxw7OATxoVDmfuNXIB04luvmtbWeJzdHuazafj8"
x-served-by: cache-dca17750-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
fastly-io-info: ifsz=51615 idim=900x900 ifmt=jpeg ofsz=50290 odim=900x900 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 50290
fastly-io-warning: Failed to shrink image
x-cache-hits: 1, 1

GET
H2 200 34900VALUE-Keto-Coffee-Pumpkin-Spice-Pods-Product-Image-min.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/95c704c8-d26b-47aa-8ec8-8b86b06a3201/ 64 KB
65 KB 11ms
10ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/95c704c8-d26b-47aa-8ec8-8b86b06a3201/34900VALUE-Keto-Coffee-Pumpkin-Spice-Pods-Product-Image-min.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 29223de210e185b46f52f18349e0c17bcad407d8aed82797f8c3c51fc459e0db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
x-timer: S1637149134.786153,VS0,VE1
etag: "MY0XU4VU75Raf4FQzgiF5xQnaNWqWmpfllS7LwfMZc0"
x-cache: HIT, HIT
fastly-io-info: ifsz=69541 idim=900x900 ifmt=jpeg ofsz=65901 odim=900x900 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
x-cache-hits: 1, 1
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 65901
x-served-by: cache-dca17779-DCA, cache-hhn4028-HHN

GET
H2 200 find-my-brew-mobile-500-500.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/745fea28-0a6b-403f-81e3-27a51f14ff45/ 36 KB
36 KB 10ms
9ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/745fea28-0a6b-403f-81e3-27a51f14ff45/find-my-brew-mobile-500-500.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a97654ff76e728477322fabe6e801afca746d6bf9dce84a2e899611d9552cb27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-md5: TTsw+5xiFDQwgrqa9Syskw==
x-timer: S1637149134.786228,VS0,VE1
etag: "cY5XJj3BP7WeXGEywTXldutbLa/1fenTszuKEPjx8V4"
x-served-by: cache-dca17741-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
fastly-io-info: ifsz=75194 idim=500x500 ifmt=jpeg ofsz=37037 odim=500x500 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 37037
x-cache-hits: 1, 1

GET
H2 200 It%20Works-Loyal-Customer.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e97b9335-e030-4da6-a52c-5643e6690e22/ 25 KB
25 KB 8ms
7ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e97b9335-e030-4da6-a52c-5643e6690e22/It%20Works-Loyal-Customer.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e18231b54e5c8c0c96e385419788d5388577cfe3ae34dc97c8072b4910ba980c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
x-timer: S1637149134.786309,VS0,VE0
etag: "lH8udxom/RJHQt0XhM/Q/Xs0a8StZzwvzS0mV5ez2S4"
x-cache: HIT, HIT
fastly-io-info: ifsz=64872 idim=433x326 ifmt=jpeg ofsz=25268 odim=433x326 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
x-cache-hits: 1, 527
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 25268
x-served-by: cache-dca17736-DCA, cache-hhn4028-HHN

GET
H2 200 website-join-features-02-400x800px.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/fa5ae95f-4b48-465e-8f89-c14b03fde55b/ 38 KB
38 KB 15ms
14ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/fa5ae95f-4b48-465e-8f89-c14b03fde55b/website-join-features-02-400x800px.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 72e61a9784660f027a03c16db6956272921688437aac034c8c23095ac43af8d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
content-md5: VoaCxU2b/BMlS46PHX3F1A==
x-timer: S1637149134.786421,VS0,VE1
etag: "uN9GeJ6dcZTmD/ZjVZlKi1lcN9FRTw0/S0EouQZc2/8"
x-served-by: cache-dca17783-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
fastly-io-info: ifsz=90962 idim=433x324 ifmt=jpeg ofsz=38590 odim=433x324 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 38590
x-cache-hits: 1, 1

GET
H2 200 Product-Philosophy-%20Transparency-%20US.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/105f1c90-7771-49a3-a725-217cc49ad2d0/ 32 KB
32 KB 11ms
10ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/105f1c90-7771-49a3-a725-217cc49ad2d0/Product-Philosophy-%20Transparency-%20US.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 905b98004bd52b343b2aef06fc3758d7d82c6ceecb492787f856a636c1c59da9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
x-timer: S1637149134.786439,VS0,VE1
etag: "nC/vTYeVCxD05xcL15YOsdt6SLK2Kkr4ZsVYOcmHV+8"
x-cache: HIT, HIT
fastly-io-info: ifsz=147883 idim=433x324 ifmt=jpeg ofsz=32796 odim=433x324 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
x-cache-hits: 1, 1
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 32796
x-served-by: cache-dca17777-DCA, cache-hhn4028-HHN

GET
H2 200 Product-Highlight-Homepage-Banner-CollagenWorks-and-Hydrate+-desktop-us-min.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b3e65c55-489a-4e93-be57-7c2a6a572105/ 60 KB
60 KB 15ms
14ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b3e65c55-489a-4e93-be57-7c2a6a572105/Product-Highlight-Homepage-Banner-CollagenWorks-and-Hydrate+-desktop-us-min.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7622d96646edfde19c9d60ecf8e678f45604598b3feec5a6c70fa65c7eb7c60f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
x-timer: S1637149134.786491,VS0,VE2
etag: "UIqfaxYFcn2zeITKcUQz5KuWRbQc/kxWsQcTyl7A7/8"
x-cache: HIT, HIT
fastly-io-info: ifsz=64076 idim=1920x500 ifmt=jpeg ofsz=61058 odim=1920x500 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
x-cache-hits: 1, 1
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 61058
x-served-by: cache-dca17745-DCA, cache-hhn4028-HHN

GET
H2 200 SugarCookieKetoCoffee-1121-web-home-banner-launch-1920x500-us-en-001%20(2)-min.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e0bfa8ba-37b5-4f3f-ba66-0b53e79216a7/ 55 KB
55 KB 15ms
14ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e0bfa8ba-37b5-4f3f-ba66-0b53e79216a7/SugarCookieKetoCoffee-1121-web-home-banner-launch-1920x500-us-en-001%20(2)-min.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 91f4ba530edbef7fbe7aa5898f78361f7c6b2ddb9b3bea747f50c3984b6a7c94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
x-timer: S1637149134.786548,VS0,VE1
etag: "ID3oniyMlLZktCExea9tpWT8dAccT2rBmdPIGVdox9Q"
x-cache: HIT, HIT
fastly-io-info: ifsz=58680 idim=1920x500 ifmt=jpeg ofsz=56148 odim=1920x500 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
x-cache-hits: 1, 1
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 56148
x-served-by: cache-dca17768-DCA, cache-hhn4028-HHN

GET
H2 200 PumpkinSpice-0821-web-hero-banner-desktop-1920x500-US-EN.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/725ffd2c-1813-4191-93f6-61515bfdea3a/ 71 KB
71 KB 15ms
14ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/725ffd2c-1813-4191-93f6-61515bfdea3a/PumpkinSpice-0821-web-hero-banner-desktop-1920x500-US-EN.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4f87aa6c96e62a7022cc0e65ebc642b60e9bafee7853158fb05f44f72cf8385d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
x-timer: S1637149134.786622,VS0,VE1
etag: "LezE3Rhdzuf9570nh5OP0YSHbL0hcO34deMewp11KQg"
x-cache: HIT, HIT
fastly-io-info: ifsz=230006 idim=1920x500 ifmt=jpeg ofsz=72960 odim=1920x500 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
x-cache-hits: 1, 1
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 72960
x-served-by: cache-dca17767-DCA, cache-hhn4028-HHN

GET
H2 200 ConfidenceLabelLaunch-0921-web-home-launch-1920x500-us-en-001-d1-2-min.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/a3e33846-3355-4b75-9c53-35afb1e6b449/ 87 KB
87 KB 15ms
14ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/a3e33846-3355-4b75-9c53-35afb1e6b449/ConfidenceLabelLaunch-0921-web-home-launch-1920x500-us-en-001-d1-2-min.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8ed083947405f8ae68eb8bbd952d476ff535b866aa46b89e9fd14632ad1700a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:53 GMT
x-timer: S1637149134.786728,VS0,VE1
etag: "ToO34/tpU8p6hqXO6UMfJ/56dI3aYKlfRte7tB6486s"
x-cache: HIT, HIT
fastly-io-info: ifsz=93435 idim=1920x500 ifmt=jpeg ofsz=89099 odim=1920x500 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
x-cache-hits: 1, 1
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 89099
x-served-by: cache-dca17725-DCA, cache-hhn4028-HHN

GET
H3 200 ico-bag-white.svg
itworks.com/portal/ 2 KB
1 KB 430ms
429ms Image
image/svg+xml 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itworks.com/portal/ico-bag-white.svg

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0833a784ffb81e1aa0d9473fdd4d86d9006399de917dbe9494ea62cc2fa7ffbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"7ae-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/svg+xml
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6af8ace65e02dfb7-FRA
expires: Wed, 17 Nov 2021 15:38:54 GMT

GET
H3 200 Barlow-BoldItalic.woff2
itworks.com/portal/ 42 KB
43 KB 505ms
504ms Font
font/woff2 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/Barlow-BoldItalic.woff2

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

978d115fc0760dc14711aa91f972f1388d08aaad8b28721f9aec209375f2176d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43304
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"a928-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: font/woff2
access-control-allow-origin: https://itworks.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6af8ace65e05dfb7-FRA
expires: Wed, 17 Nov 2021 15:38:54 GMT

GET
H3 200 Barlow-Thin.woff2
itworks.com/portal/ 37 KB
38 KB 507ms
507ms Font
font/woff2 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/Barlow-Thin.woff2

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9a3f3ad4d5d222ab0f59447a43ee2886c742af692ac1540b688cfd0057be6f18

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38252
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"956c-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: font/woff2
access-control-allow-origin: https://itworks.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6af8ace65e07dfb7-FRA
expires: Wed, 17 Nov 2021 15:38:54 GMT

GET
H3 200 fa-solid-900.woff2
itworks.com/portal/ 49 KB
50 KB 516ms
516ms Font
font/woff2 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/fa-solid-900.woff2

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e23fe6a6a5d9998a759442e8e5c716797a32282f8de163fce97c656408682bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 50388
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"c4d4-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: font/woff2
access-control-allow-origin: https://itworks.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6af8ace65e0adfb7-FRA
expires: Wed, 17 Nov 2021 15:38:54 GMT

OPTIONS
H2 204 5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/bulk/ Frame 0
0 296ms
96ms Preflight 52.203.83.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5bb3bd847387e1367e01ff04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.83.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-83-235.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-user-agent
Origin: https://itworks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
strict-transport-security: max-age=31536000

POST
H2 202 5bb3bd847387e1367e01ff04 Show response
events.launchdarkly.com/events/bulk/ 0
328 B 194ms
193ms XHR
application/json 52.203.83.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5bb3bd847387e1367e01ff04

Requested by

Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.83.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-83-235.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://itworks.com/
X-LaunchDarkly-Event-Schema: 3
Accept-Language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.7.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
strict-transport-security: max-age=31536000
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
content-length: 0

GET
H2 200 Before-&-After-248682-Skinny-Brew-min.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/35b3ab0b-d5a7-4572-bce6-a28e9c9f9879/ 146 KB
146 KB 21ms
20ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/35b3ab0b-d5a7-4572-bce6-a28e9c9f9879/Before-&-After-248682-Skinny-Brew-min.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b0e6994533100c38112c06ce515d8131e150984f6812a8461c108229800c9f19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
x-timer: S1637149134.019993,VS0,VE1
etag: "I7OPv1Ae++MXW/Mlch3o9Oxs4qClg854J0kNXi6IkTE"
x-served-by: cache-dca17772-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
fastly-io-info: ifsz=149712 idim=2100x1050 ifmt=jpeg ofsz=149712 odim=2100x1050 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 149712
fastly-io-warning: Failed to shrink image
x-cache-hits: 1, 1

GET
H2 200 Before-&-After-237727-It-Works!-Cleanse-It-Works!-Keto-Coffee-min.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/ac08a675-a4f3-4819-b54c-599eb63bb2b4/ 144 KB
144 KB 19ms
18ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/ac08a675-a4f3-4819-b54c-599eb63bb2b4/Before-&-After-237727-It-Works!-Cleanse-It-Works!-Keto-Coffee-min.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e2302dddf06a51745460e085adf28bcef196f780e3ebbd679282122a781e659f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
x-timer: S1637149134.020082,VS0,VE1
etag: "xk7v96SjLqmUdzTI67nPynzrBCmCitfr042dnKltX+Y"
x-served-by: cache-dca17733-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
fastly-io-info: ifsz=147176 idim=2100x1050 ifmt=jpeg ofsz=147176 odim=2100x1050 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 147176
fastly-io-warning: Failed to shrink image
x-cache-hits: 1, 1

GET
H2 200 Before-&-After-214394-Skinny-Brew-min.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/fa9b47e1-f79e-4513-8d86-6e263a774bdd/ 124 KB
124 KB 19ms
19ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/fa9b47e1-f79e-4513-8d86-6e263a774bdd/Before-&-After-214394-Skinny-Brew-min.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f32dba68b6f145f437f1e94f2dd110a498d610588229e3d9df8ef9fee1c25a1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
x-timer: S1637149134.020125,VS0,VE1
etag: "nOKL42ZRncvdUy02aE+2z9zCB7VZ/SPADpxVygeRsIs"
x-cache: HIT, HIT
fastly-io-info: ifsz=134449 idim=2100x1050 ifmt=jpeg ofsz=126719 odim=2100x1050 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
x-cache-hits: 1, 1
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 126719
x-served-by: cache-dca17751-DCA, cache-hhn4028-HHN

GET
H3 200 Barlow-Medium.woff2
itworks.com/portal/ 38 KB
39 KB 508ms
507ms Font
font/woff2 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/Barlow-Medium.woff2

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5669732b2e5689f81502d03a6583a95e0e423587e0412d93cfb854a92ce4de8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39236
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"9944-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: font/woff2
access-control-allow-origin: https://itworks.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6af8ace8086adfb7-FRA
expires: Wed, 17 Nov 2021 15:38:54 GMT

GET
H3 200 Barlow-MediumItalic.woff2
itworks.com/portal/ 42 KB
43 KB 522ms
521ms Font
font/woff2 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/Barlow-MediumItalic.woff2

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f06e519432f00349be1b5c077fa6806f7504c4c53fd41393d1597715bc236dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43448
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"a9b8-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: font/woff2
access-control-allow-origin: https://itworks.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6af8ace8086bdfb7-FRA
expires: Wed, 17 Nov 2021 15:38:54 GMT

GET
H2 200 Pick2-3-0921-homebanner-SlimmingGummies-Refresh-1920x500-min.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d2bd2336-367f-48d2-930c-4f45f0c55de5/ 95 KB
95 KB 10ms
8ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d2bd2336-367f-48d2-930c-4f45f0c55de5/Pick2-3-0921-homebanner-SlimmingGummies-Refresh-1920x500-min.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1aad2aef26d0898e696d447c0b14153f297a8c66489a1b572f62e7beac66f833

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
x-timer: S1637149134.112173,VS0,VE1
etag: "tTL4h+AzipKQkU6GJMBI0WUpREx266RErDqfkpQHcdk"
x-cache: HIT, HIT
fastly-io-info: ifsz=104710 idim=1920x500 ifmt=jpeg ofsz=97132 odim=1920x500 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
x-cache-hits: 1, 1
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 97132
x-served-by: cache-dca12928-DCA, cache-hhn4028-HHN

GET
H2 200 SkinnyColdBrew-0721-web-home-Concept-1920x500-us-en-001-2-min.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/60a0d1a2-42f9-4683-8253-edd4ffd4360f/ 83 KB
83 KB 11ms
10ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/60a0d1a2-42f9-4683-8253-edd4ffd4360f/SkinnyColdBrew-0721-web-home-Concept-1920x500-us-en-001-2-min.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a1a23a6354a3048a5a533050baaf6b7f52382240f9dcdc8d1826cad1c9d9eb3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
x-timer: S1637149134.112364,VS0,VE1
etag: "EeW7YYB2N+ODJp3aGzUpCegGLfeVwl10zm56keaaZ70"
x-cache: HIT, HIT
fastly-io-info: ifsz=89991 idim=1920x500 ifmt=jpeg ofsz=85109 odim=1920x500 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
x-cache-hits: 1, 1
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 85109
x-served-by: cache-dca17775-DCA, cache-hhn4028-HHN

GET
H2 200 ClinicalStudies-0321-web-home-banner-skincare-Radiance-1920x500-us-en-002.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/a213f421-ef18-42f8-a134-b5f057391561/ 23 KB
24 KB 8ms
7ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/a213f421-ef18-42f8-a134-b5f057391561/ClinicalStudies-0321-web-home-banner-skincare-Radiance-1920x500-us-en-002.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 465706b773c1d3cdc6142cf85cc47bd4586f4523344ce5a526683daf5872eb2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
x-timer: S1637149134.112573,VS0,VE1
etag: "AnuYNjuerCk/GPU/Py6eWXrizqjc9s7lHvu3efqAwFA"
x-cache: HIT, HIT
fastly-io-info: ifsz=167466 idim=1920x500 ifmt=jpeg ofsz=23833 odim=1920x500 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
x-cache-hits: 1, 1
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 23833
x-served-by: cache-dca17745-DCA, cache-hhn4028-HHN

GET
H2 200 34700-featured-image.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b643cf72-f9dc-4251-a861-2b7ffe59e0c8/ 29 KB
29 KB 8ms
8ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b643cf72-f9dc-4251-a861-2b7ffe59e0c8/34700-featured-image.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6deeec877667bf2542edceb1bdb210a6c5d3e516c66b8aa0ccac64ae2947e67c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-md5: qVG4pubOqHY5SuQoPGO5xA==
x-timer: S1637149134.272833,VS0,VE1
etag: "0Jmm4bEXH+c/mRPQeBrsM2RtjwFz6+BzgdLvTWAb0Fs"
x-served-by: cache-dca17769-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
fastly-io-info: ifsz=80691 idim=433x326 ifmt=jpeg ofsz=29914 odim=433x326 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 29914
x-cache-hits: 1, 1

GET
H3 200 Barlow-Black.woff2
itworks.com/portal/ 39 KB
40 KB 506ms
505ms Font
font/woff2 2606:4700::6812:8b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/Barlow-Black.woff2

Requested by

Host: itworks.com
URL: https://itworks.com/portal/styles.a63eeec8efae808c372e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:8b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8d47ba4fcad807396c71cba28634d519b0378a3cf2954eadc6cd3e9aeb6cb664

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://itworks.com/portal/styles.a63eeec8efae808c372e.css
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 40212
request-context: appId=cid-v1:f26b57f4-cac1-4bb1-b41d-723c4cb5c864
last-modified: Mon, 15 Nov 2021 17:58:17 GMT
server: cloudflare
etag: W/"9d14-17d24bfeaa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: font/woff2
access-control-allow-origin: https://itworks.com
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6af8ace93a16dfb7-FRA
expires: Wed, 17 Nov 2021 15:38:54 GMT

GET
H2 200 34800-featured-image.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/18ec2025-0227-48e9-9e83-73b3f48841ae/ 21 KB
21 KB 9ms
9ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/18ec2025-0227-48e9-9e83-73b3f48841ae/34800-featured-image.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8a7df1ab78628c3eae5e99b503aeb0ccf7142859a4f4454b5aba0b49722dc928

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-md5: Rk/V0YJxaomDWHsfNyBEgA==
x-timer: S1637149134.321278,VS0,VE1
etag: "mFPymLgvR04dOUbWmy0LeWWXiTqY6yMqcA2JhNiYpME"
x-served-by: cache-dca17739-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
fastly-io-info: ifsz=44777 idim=433x324 ifmt=jpeg ofsz=21472 odim=433x324 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 21472
x-cache-hits: 1, 1

GET
H2 200 33502-featured-image.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/67ee8170-cd28-47b6-9da4-a86af2b42da8/ 23 KB
23 KB 7ms
7ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/67ee8170-cd28-47b6-9da4-a86af2b42da8/33502-featured-image.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 351f6546e8e7745970e803f0648dc0d4aeb010a1ae9e913713882aef30564d5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-md5: AN++HaDiUIpOfdPommRCJg==
x-timer: S1637149134.341486,VS0,VE0
etag: "Y57rsgnl97hgRP1rWaYFnLVqcZ71b382YvRcl9umz5Q"
x-served-by: cache-dca17751-DCA, cache-hhn4028-HHN
x-cache: HIT, HIT
fastly-io-info: ifsz=110742 idim=433x324 ifmt=jpeg ofsz=23835 odim=433x324 ofmt=jpeg
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 23835
x-cache-hits: 1, 7

GET
H2 200 togfjdpsff.json Show response
fast.wistia.com/embed/medias/ 6 KB
2 KB 9ms
9ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/togfjdpsff.json?callback=wistiajson1

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9d559a6492e1cf554306e957124feeb4b1389b4e9e9b911b336501715f82f328

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 75015
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,Referer,X-Forwarded-Proto,X-Normalized-User-Agent,X-ECMA-Override
content-length: 1759
x-request-id: e81c8e584eea22f6da4dad1e696f9daf
x-served-by: cache-dca17783-DCA, cache-hhn4022-HHN
x-runtime: 0.068880
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1637149134.493021,VS0,VE1
etag: W/"9d559a6492e1cf554306e957124feeb4"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 95
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 wistia-mux.js Show response
fast.wistia.com/assets/external/ 92 KB
24 KB 8ms
8ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

24ecd013e470123bdc4f54e87fcfaf071fb4f1b8ca55d7cd763f13b5efd04da3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: br
vary: Accept-Encoding
age: 914
x-cache: HIT, HIT
content-length: 24755
x-served-by: cache-dca17751-DCA, cache-hhn4022-HHN
access-control-allow-origin: *
x-browser-version: 95
last-modified: Tue, 16 Nov 2021 17:40:15 GMT
x-timer: S1637149134.493144,VS0,VE0
etag: "6193ecff-60b3"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 37, 105

GET
H2 200 15j9iapdob.json Show response
fast.wistia.com/embed/medias/ 6 KB
2 KB 9ms
8ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/15j9iapdob.json?callback=wistiajson2

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6701f218b1e9c03b3a2e0f8bfb05c7bb800a7eb308efced90cb838ef1b92bede

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 28692
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,Referer,X-Forwarded-Proto,X-Normalized-User-Agent,X-ECMA-Override
content-length: 1734
x-request-id: d0af96d74044bb56fcc91b8c2684061c
x-served-by: cache-dca17734-DCA, cache-hhn4022-HHN
x-runtime: 0.053926
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1637149134.498593,VS0,VE1
etag: W/"6701f218b1e9c03b3a2e0f8bfb05c7bb"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 95
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 e4g7xpjwyb.json Show response
fast.wistia.com/embed/medias/ 5 KB
2 KB 8ms
7ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/e4g7xpjwyb.json?callback=wistiajson3

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f857ea2921f89d79218dbba7ac06e1159522757cd06a77f282e2652035e890b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 37626
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,Referer,X-Forwarded-Proto,X-Normalized-User-Agent,X-ECMA-Override
content-length: 1504
x-request-id: ce4305d6b72491697a57ef9f66f8cfd7
x-served-by: cache-dca17751-DCA, cache-hhn4022-HHN
x-runtime: 0.058431
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1637149135.502483,VS0,VE1
etag: W/"f857ea2921f89d79218dbba7ac06e115"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 95
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 captions.js Show response
fast.wistia.com/assets/external/ 162 KB
27 KB 19ms
18ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/captions.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

66c6917d00756d78acac77f5768ad0f9954abb1de1e31a75961c691bca58adc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: br
vary: Accept-Encoding
age: 914
x-cache: HIT, HIT
content-length: 27354
x-served-by: cache-dca17751-DCA, cache-hhn4022-HHN
access-control-allow-origin: *
x-browser-version: 95
last-modified: Tue, 16 Nov 2021 17:40:15 GMT
x-timer: S1637149135.519763,VS0,VE0
etag: "6193ecff-6ada"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 52

GET
H2 200 dq239s3w0d.json Show response
fast.wistia.com/embed/medias/ 5 KB
2 KB 13ms
12ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/dq239s3w0d.json?callback=wistiajson4

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bb3cfdede9cb3f1986c4abc23f1a80797f1d0d3e80a8e1efc59c73b111cbe6ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 28691
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,Referer,X-Forwarded-Proto,X-Normalized-User-Agent,X-ECMA-Override
content-length: 1558
x-request-id: a362a063e3f515521802bf55f28e4f65
x-served-by: cache-dca12929-DCA, cache-hhn4022-HHN
x-runtime: 0.052725
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1637149135.519904,VS0,VE1
etag: W/"bb3cfdede9cb3f1986c4abc23f1a8079"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 95
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 share-v2.js Show response
fast.wistia.com/assets/external/ 49 KB
11 KB 9ms
9ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/share-v2.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

485df0f06841c2a76eee466155ce93b603f0b72506a0067977e1a5bea5bdd8f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: br
vary: Accept-Encoding
age: 912
x-cache: HIT, HIT
content-length: 11532
x-served-by: cache-dca17729-DCA, cache-hhn4022-HHN
access-control-allow-origin: *
x-browser-version: 95
last-modified: Tue, 16 Nov 2021 17:40:15 GMT
x-timer: S1637149135.538595,VS0,VE0
etag: "6193ecff-2d0c"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 14

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 59 KB
12 KB 8ms
6ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a9285adaf02068a67b57c100da007051bc6e0d994db63aefb97b7da2955466a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: br
vary: Accept-Encoding
age: 914
x-cache: HIT, HIT
content-length: 12645
x-served-by: cache-dca17757-DCA, cache-hhn4022-HHN
access-control-allow-origin: *
x-browser-version: 95
last-modified: Tue, 16 Nov 2021 17:40:15 GMT
x-timer: S1637149135.546821,VS0,VE0
etag: "6193ecff-3165"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 172

GET
H2 200 fc76c492e64551f8db258be49e61f1a9.webp
embed-fastly.wistia.com/deliveries/ 86 KB
86 KB 42ms
7ms Image
image/webp 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-fastly.wistia.com/deliveries/fc76c492e64551f8db258be49e61f1a9.webp?image_crop_resized=1920x1080
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fbcb66ed67cb008d855d5a75e3bd2b5c7c6cbd21688ce5cc47112032f54cd269

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
via: 1.1 varnish, 1.1 varnish
age: 2452997
edge-cache-tag: fc76c492e64551f8db258be49e61f1a9
access-control-request-method: *
x-cache-hits: 1, 1
x-cache: HIT, HIT
content-length: 87586
x-served-by: cache-dca17743-DCA, cache-hhn4021-HHN
last-modified: Thu, 30 Jan 2020 05:03:54 UTC
x-timer: S1637149135.607035,VS0,VE1
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/webp
access-control-allow-origin: *
content-disposition: inline
cache-control: max-age=31536000
accept-ranges: bytes
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache

GET
H2 200 captions.js Show response
fast.wistia.com/assets/external/ 162 KB
27 KB 12ms
12ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/captions.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

66c6917d00756d78acac77f5768ad0f9954abb1de1e31a75961c691bca58adc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: br
vary: Accept-Encoding
age: 914
x-cache: HIT, HIT
content-length: 27354
x-served-by: cache-dca17751-DCA, cache-hhn4022-HHN
access-control-allow-origin: *
x-browser-version: 95
last-modified: Tue, 16 Nov 2021 17:40:15 GMT
x-timer: S1637149135.592012,VS0,VE0
etag: "6193ecff-6ada"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 53

GET
H2 200 togfjdpsff.json Show response
fast.wistia.com/embed/captions/ 265 B
717 B 99ms
99ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/captions/togfjdpsff.json?callback=wistiajson5

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4bc5774d558b843b43ad1fd5f915949c0e5e56eb69c46b501639a7fde9c74f4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 2313
x-cache: HIT, MISS
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,Accept-Language
content-length: 187
x-request-id: 53b85a82b6fda0166b6018dfa9ff87b0
x-served-by: cache-dca17756-DCA, cache-hhn4022-HHN
x-runtime: 0.008574
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1637149135.619224,VS0,VE89
etag: W/"4bc5774d558b843b43ad1fd5f915949c"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 95
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 0a36934bfc4bfc8d935d55ed34c4d354.webp
embed-fastly.wistia.com/deliveries/ 91 KB
91 KB 7ms
7ms Image
image/webp 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-fastly.wistia.com/deliveries/0a36934bfc4bfc8d935d55ed34c4d354.webp?image_crop_resized=1920x1080
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 93313634b3bde04701f8863c8be9742133d7ac51de92b6b928f139e265ae4a56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
via: 1.1 varnish, 1.1 varnish
age: 1137048
edge-cache-tag: 0a36934bfc4bfc8d935d55ed34c4d354
access-control-request-method: *
x-cache-hits: 1, 1
x-cache: HIT, HIT
content-length: 93282
x-served-by: cache-dca17723-DCA, cache-hhn4021-HHN
last-modified: Mon, 20 Sep 2021 18:15:13 UTC
x-timer: S1637149135.633490,VS0,VE1
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/webp
access-control-allow-origin: *
content-disposition: inline
cache-control: max-age=31536000
accept-ranges: bytes
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache

GET
H2 200 15j9iapdob.json Show response
fast.wistia.com/embed/captions/ 262 B
708 B 101ms
101ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/captions/15j9iapdob.json?callback=wistiajson6

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaaa1d783f36dff46a412bf91c9a9eaef414003bf260b99742ca146022dd267b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 2313
x-cache: HIT, MISS
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,Accept-Language
content-length: 184
x-request-id: 422dbc38c8d16196e029621a5d80a69b
x-served-by: cache-dca17736-DCA, cache-hhn4022-HHN
x-runtime: 0.008915
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1637149135.649850,VS0,VE94
etag: W/"aaaa1d783f36dff46a412bf91c9a9eae"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 95
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 15j9iapdob.json Show response
fast.wistia.com/embed/captions/ 262 B
411 B 118ms
118ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/captions/15j9iapdob.json?callback=wistiajson7

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bf71b5fd93b82c8bad9327eaf764dc0ba6273ab941645e6c2092769421fe464e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 0
x-cache: MISS, MISS
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,Accept-Language
content-length: 184
x-request-id: 2baf1d59e409c146e275aa9a63081200
x-served-by: cache-dca17735-DCA, cache-hhn4022-HHN
x-runtime: 0.011707
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1637149135.663277,VS0,VE107
etag: W/"bf71b5fd93b82c8bad9327eaf764dc0b"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 95
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

GET
H/1.1 200
OK 147c329a9017b6ed8d333905d79e6fa3.webp
embedwistia-a.akamaihd.net/deliveries/ 47 KB
47 KB 47ms
17ms Image
image/webp 2.16.186.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embedwistia-a.akamaihd.net/deliveries/147c329a9017b6ed8d333905d79e6fa3.webp?image_crop_resized=1920x1080
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 851cdaf02c15447fc8d1b33beb43ef4c96b67c8834aa6a2b490b2722541a136a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 11:38:54 GMT
Access-Control-Request-Method: *
surrogate-key: 147c329a9017b6ed8d333905d79e6fa3 thumbnail-delivery
Last-Modified: Sat, 17 Jul 2021 22:10:47 UTC
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Cache-Control: max-age=31416234
content-disposition: inline
Connection: keep-alive
Accept-Ranges: none
Content-Length: 47936

GET
H2 200 dq239s3w0d.json Show response
fast.wistia.com/embed/captions/ 263 B
692 B 100ms
100ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/captions/dq239s3w0d.json?callback=wistiajson8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b5f27a3234c41b28b5ed7cf5318473947cb43084be94bec9bc333735b4ecebf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 2319
x-cache: HIT, MISS
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,Accept-Language
content-length: 185
x-request-id: 1e3351eb1aefdc87c2a4a8e34b459e21
x-served-by: cache-dca17733-DCA, cache-hhn4022-HHN
x-runtime: 0.009464
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1637149135.683884,VS0,VE93
etag: W/"b5f27a3234c41b28b5ed7cf531847394"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 95
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 dq239s3w0d.json Show response
fast.wistia.com/embed/captions/ 263 B
394 B 99ms
98ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/captions/dq239s3w0d.json?callback=wistiajson9

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f1e850e50c4c6cb0488526bdc92513b96d3742536c8e2d6a75fc6e98473f1d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 2319
x-cache: HIT, MISS
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,Accept-Language
content-length: 185
x-request-id: fdff0c14b1f90c42d4af51f9118e5e9f
x-served-by: cache-dca17758-DCA, cache-hhn4022-HHN
x-runtime: 0.012653
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1637149135.698374,VS0,VE89
etag: W/"f1e850e50c4c6cb0488526bdc92513b9"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 95
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H/1.1 200
OK 6f32f04f7567e92d322f76c9aa98e20c.webp
embedwistia-a.akamaihd.net/deliveries/ 52 KB
52 KB 29ms
17ms Image
image/webp 2.16.186.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embedwistia-a.akamaihd.net/deliveries/6f32f04f7567e92d322f76c9aa98e20c.webp?image_crop_resized=1522x856
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a408692c0e11f51507769619f10aac090bf2972fe665ac897d866d391e37149a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 11:38:54 GMT
Access-Control-Request-Method: *
surrogate-key: 6f32f04f7567e92d322f76c9aa98e20c thumbnail-delivery
Last-Modified: Tue, 03 Dec 2019 20:24:25 UTC
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Cache-Control: max-age=31363119
content-disposition: inline
Connection: keep-alive
Accept-Ranges: none
Content-Length: 52896

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 432 KB
102 KB 13ms
13ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d856e3ae57e5363655e3827e206a5cfccb649fbb7396e1e23e97a44c03ecce17

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
content-encoding: br
vary: Accept-Encoding
age: 913
x-cache: HIT, HIT
content-length: 103971
x-served-by: cache-dca17731-DCA, cache-hhn4022-HHN
access-control-allow-origin: *
x-browser-version: 95
last-modified: Tue, 16 Nov 2021 17:40:15 GMT
x-timer: S1637149135.711634,VS0,VE0
etag: "6193ecff-19623"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 140

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
2 KB 21ms
7ms Image
image/gif 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://itworks.com/
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:54 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
age: 51314
x-cache: HIT, HIT
x-cache-hits: 1, 4259
content-length: 1214
x-served-by: cache-dca17733-DCA, cache-hhn4032-HHN
x-browser-version: 95
last-modified: Tue, 16 Nov 2021 21:20:34 GMT
x-timer: S1637149135.800731,VS0,VE0
etag: "619420a2-4be"
strict-transport-security: max-age=0
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 x Show response
distillery.wistia.com/ 0
95 B 302ms
99ms XHR
text/plain 54.86.117.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.117.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-117-43.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 17 Nov 2021 11:38:55 GMT
cache-control: max-age=0, private, must-revalidate

POST
H2 204 x Show response
distillery.wistia.com/ 0
96 B 296ms
98ms XHR
text/plain 54.86.117.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.117.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-117-43.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 17 Nov 2021 11:38:55 GMT
cache-control: max-age=0, private, must-revalidate

POST
H2 204 x Show response
distillery.wistia.com/ 0
95 B 256ms
100ms XHR
text/plain 54.86.117.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.117.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-117-43.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 17 Nov 2021 11:38:55 GMT
cache-control: max-age=0, private, must-revalidate

POST
H2 204 x Show response
distillery.wistia.com/ 0
95 B 213ms
99ms XHR
text/plain 54.86.117.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.117.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-117-43.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 17 Nov 2021 11:38:55 GMT
cache-control: max-age=0, private, must-revalidate

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
136 B 412ms
195ms XHR
text/plain 52.23.190.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: itworks.com
URL: https://itworks.com/portal/polyfills.a1ef6e9abea6fe3dfa69.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.23.190.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-23-190-53.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 17 Nov 2021 11:38:55 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 40 KB
9 KB 7ms
7ms Script
application/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c82ddc7dad798f567298c90332650b71a2d443c5462364de9fc6682383ca9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://itworks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:38:55 GMT
content-encoding: br
vary: Accept-Encoding
age: 914
x-cache: HIT, HIT
content-length: 9044
x-served-by: cache-dca17768-DCA, cache-hhn4022-HHN
access-control-allow-origin: *
x-browser-version: 95
last-modified: Tue, 16 Nov 2021 17:40:15 GMT
x-timer: S1637149136.581384,VS0,VE0
etag: "6193ecff-2354"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 109

POST /
fg8vvsvnieiv3ej16jby.litix.io/ 0
0

OPTIONS /
fg8vvsvnieiv3ej16jby.litix.io/ Frame 0
0

POST /
fg8vvsvnieiv3ej16jby.litix.io/ 0
0

OPTIONS /
fg8vvsvnieiv3ej16jby.litix.io/ Frame 0
0

POST /
fg8vvsvnieiv3ej16jby.litix.io/ 0
0

OPTIONS /
fg8vvsvnieiv3ej16jby.litix.io/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fg8vvsvnieiv3ej16jby.litix.io
URL: https://fg8vvsvnieiv3ej16jby.litix.io/

Domain: fg8vvsvnieiv3ej16jby.litix.io
URL: https://fg8vvsvnieiv3ej16jby.litix.io/

Domain: fg8vvsvnieiv3ej16jby.litix.io
URL: https://fg8vvsvnieiv3ej16jby.litix.io/

Domain: fg8vvsvnieiv3ej16jby.litix.io
URL: https://fg8vvsvnieiv3ej16jby.litix.io/

Domain: fg8vvsvnieiv3ej16jby.litix.io
URL: https://fg8vvsvnieiv3ej16jby.litix.io/

Domain: fg8vvsvnieiv3ej16jby.litix.io
URL: https://fg8vvsvnieiv3ej16jby.litix.io/

Domain: fg8vvsvnieiv3ej16jby.litix.io
URL: https://fg8vvsvnieiv3ej16jby.litix.io/

Domain: fg8vvsvnieiv3ej16jby.litix.io
URL: https://fg8vvsvnieiv3ej16jby.litix.io/

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.itworks.com/	1970-01-20 16:17:01	Name: _ga Value: GA1.2.986216896.1637149131
.itworks.com/	1970-01-19 22:47:15	Name: _gid Value: GA1.2.1654163283.1637149131
.itworks.com/	1970-01-20 07:31:25	Name: _pin_unauth Value: dWlkPU16a3lNMk5sWVRjdE5HWm1NUzAwWlRBNUxUaGlNV1l0WTJVNU1HVTBOVFEyT0RJNA
.itworks.com/	1970-01-19 22:45:49	Name: _gat_UA-34387203-12 Value: 1
.itworks.com/	1970-01-20 07:31:25	Name: toggle-user Value: US-en-RC-06
.itworks.com/	1970-01-20 07:31:25	Name: IWGCountrySlug Value: US
.itworks.com/	1970-01-19 22:45:50	Name: __cf_bm Value: jyp4NRDP9JxJQBNyAkBWHhGb1T8lziZpSmQmaAdYH2Y-1637149131-0-ASh7V3jFMVL1MKpsyHyFxSuL6FW9+74yNRZraYgeVsEw8VhCStBoeXcWx10TvkbE7L5NcC4PCNSS4DZ2YPbr6XoRrIQf0DN6n5f5Yvv8OlurFvFD2zR+R7f2OdkUzW0Bgg==
www.pinterest.de/	1970-01-20 07:24:13	Name: _pinterest_sess Value: TWc9PSZLN0FFUkVvcHlPSVVDYmpreFowZTJTaGpEKzFhYm55YzNZUXBGSHExTnViTkxLYUZCby9MRVdhZytIQWFyOFRvMWlkSnhyTjNwcWo5elFZaFF1RnNIRkQyRVJBNzIwSXdBa3EyZkpUZGZvbWxTSmZqdE9wa29ZZzdLSnMzVEFFQSZNWk43RHViVVRtVkdPcm9mYWM4Q0NOYnN1T0U9
.itworks.com/	1970-01-20 07:31:24	Name: IWGSessionGuid Value: {976EB47B-3403-4F48-9E3B-877A27676CBE}
.itworks.com/	1970-01-20 07:31:25	Name: IWGLanguageSlug Value: en

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-58bcf28fa27695f7df12183f9f987a13' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
assets-us-01.kc-usercontent.com
clientstream.launchdarkly.com
cmsproxy.itworks.com
code.jquery.com
ct.pinterest.com
distillery.wistia.com
embed-fastly.wistia.com
embedwistia-a.akamaihd.net
events.launchdarkly.com
fast.wistia.com
fg8vvsvnieiv3ej16jby.litix.io
itworks.com
pipedream.wistia.com
s.pinimg.com
services.itworks.com
static.cloudflareinsights.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.pinterest.com
www.pinterest.de
fg8vvsvnieiv3ej16jby.litix.io
104.75.88.209
13.248.151.210
142.250.186.142
151.101.2.217
151.101.66.133
2.16.186.33
2001:4de0:ac18::1:a:1b
216.58.212.136
2606:4700::6810:5f41
2606:4700::6812:8b8
2606:4700::6812:9b8
2a00:1450:4001:80e::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200e
2a00:1450:400c:c07::9a
2a02:26f0:6c00:2b3::1931
2a04:4e42:400::622
52.203.83.235
52.23.190.53
54.86.117.43
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
04884b6d1580dad38327db8c260d55114503f8aef7f03618ea66f45fd4e5f69c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4
0833a784ffb81e1aa0d9473fdd4d86d9006399de917dbe9494ea62cc2fa7ffbf
09a7d2e722921211bdda041a8deb4394d8de81dc6dd7e3c0c634b687aa60d8fb
0c05010f3121088314ab8a5e700d4d15b062e8e56859fbbd1a26bb139012d8b9
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0d49d151fc7f30fcce3ab830012b69073a6e41b643059a987c582ec9b01f6ad5
10dfab290668d7ecdbceab8c22eec446f2417db4b6f1ac61c5c96eac69fd6c25
1155ec53c2456145539b88bcb52d8b47e2956dc4b7f327be3db878db1cfa84b1
1449fd02aec88654060c9445737b5dd4611ac80ad2c216c53a6ae3136e1c5605
19a54bd285a3700e1fba9412df860d829bccf8c57ba1d50b271726934938a388
1aad2aef26d0898e696d447c0b14153f297a8c66489a1b572f62e7beac66f833
24ecd013e470123bdc4f54e87fcfaf071fb4f1b8ca55d7cd763f13b5efd04da3
2669d1dc0fcc15296e89d94dc45f818b2b680d2954c378fd250b1ba7e8f92377
26d5fa7994fe44ed8f888119edf7eb4d81020c9e551272b84efed081c589abdf
2700373ba54a6e0d5809f41d0fdc599d2efffdc7435e7e6af8ef1bed807f659b
29223de210e185b46f52f18349e0c17bcad407d8aed82797f8c3c51fc459e0db
351f6546e8e7745970e803f0648dc0d4aeb010a1ae9e913713882aef30564d5d
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3c09352a88ecf332aef871bfac5b3b54cadbd3c4cc3939dc0e25d7d4e8ce3d5f
3ea09d57427d6da60661646de7b671ab0f7d1a76cf98d1beb72129656122deae
40cc6441f1fbb4912679a0a61b26ae40c751c9a260fac6cf64f8a1308cf0ac15
465706b773c1d3cdc6142cf85cc47bd4586f4523344ce5a526683daf5872eb2d
47ee0c0d44784b4d14f24d7e0fe844cc409f0a690cc926e8ebaba21713da7108
485df0f06841c2a76eee466155ce93b603f0b72506a0067977e1a5bea5bdd8f7
4bc5774d558b843b43ad1fd5f915949c0e5e56eb69c46b501639a7fde9c74f4f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f87aa6c96e62a7022cc0e65ebc642b60e9bafee7853158fb05f44f72cf8385d
554a99b5851aef249e71b90594c453f1aa49baadd305ccf057e2686cf8694bf5
557d020af00c516825b46d036cfc6fd60c8174a802a63458c2a63af428014cf7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5669732b2e5689f81502d03a6583a95e0e423587e0412d93cfb854a92ce4de8f
5a837cfe71067facdad8ab08e90b5b18a6df6c1a1ec2b2a96a1ce92e36224ccf
5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6
66c6917d00756d78acac77f5768ad0f9954abb1de1e31a75961c691bca58adc8
6701f218b1e9c03b3a2e0f8bfb05c7bb800a7eb308efced90cb838ef1b92bede
6746d92d8028dac085ed74d86a8351a086245f2b70c1f2d8fa141c7a15b0d693
6c82ddc7dad798f567298c90332650b71a2d443c5462364de9fc6682383ca9e8
6deeec877667bf2542edceb1bdb210a6c5d3e516c66b8aa0ccac64ae2947e67c
6eab0df637380c00ff704a0ce4500bdf795235c9884828a245550df65845aaa8
6ffeaaa572003a081288376e3c9d9cde1fe39693ac7323295495345a605708fa
706073cf83266c8aa1875f1c57d1b110153e2f604033ec71c6de73f6112d907e
7219e9ed32eee437800314423747edea7a563c6aace19836b5bf15c216a05bf4
72e61a9784660f027a03c16db6956272921688437aac034c8c23095ac43af8d7
7622d96646edfde19c9d60ecf8e678f45604598b3feec5a6c70fa65c7eb7c60f
7a79ccffa1d24a51ffa8647d777970b62387f29ba75dbb027eeaf2d054fe5daf
7c368916684725c1fc3896361142add25e9a919956ee0df3638491263f56770c
7d6a270894e4abe6cceaba893c2881963a5f733b3269fcd1caf529443b1512f5
7f4b867a8334abf5c3577e153841ae82c2aacdb9b69fd7b60b24b616a9fec74c
822eab63a5c7cb3aa8f6d6ad6849486121e07b4e74b58dbb908856332f0e9957
82c19ae9ee2f0c4c8b416027b163458bb687c9700e4158884c208f6aa36d8359
83c1f47df4c68cdbd3e2881746edc07d4df28c6ca72a06f6335361c24f41b9a4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851cdaf02c15447fc8d1b33beb43ef4c96b67c8834aa6a2b490b2722541a136a
867924a22e8d0abb0d4195dc594ec5881f0e17a25c551be2d89dcebcd5cb843c
8a7df1ab78628c3eae5e99b503aeb0ccf7142859a4f4454b5aba0b49722dc928
8c6c6e189ee7c1385a7b37f94b00eb97079d5f7b20a3432fbabe2992020bfa55
8d47ba4fcad807396c71cba28634d519b0378a3cf2954eadc6cd3e9aeb6cb664
8d6c6676b3d5c37802571495d5111ef48dd5ad83049f965aaebb6f3c6a67a7c5
8ed083947405f8ae68eb8bbd952d476ff535b866aa46b89e9fd14632ad1700a0
905b98004bd52b343b2aef06fc3758d7d82c6ceecb492787f856a636c1c59da9
909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef
91f4ba530edbef7fbe7aa5898f78361f7c6b2ddb9b3bea747f50c3984b6a7c94
93313634b3bde04701f8863c8be9742133d7ac51de92b6b928f139e265ae4a56
978d115fc0760dc14711aa91f972f1388d08aaad8b28721f9aec209375f2176d
9a3f3ad4d5d222ab0f59447a43ee2886c742af692ac1540b688cfd0057be6f18
9d559a6492e1cf554306e957124feeb4b1389b4e9e9b911b336501715f82f328
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a23a6354a3048a5a533050baaf6b7f52382240f9dcdc8d1826cad1c9d9eb3b
a408692c0e11f51507769619f10aac090bf2972fe665ac897d866d391e37149a
a57f0c18573247b757bdfb536b18a5e6b4b8db08f9e40df0d488ded705671584
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a9285adaf02068a67b57c100da007051bc6e0d994db63aefb97b7da2955466a4
a943365a2bf02bca25a64fe787eca14400587b110311a43c7948eb8c95fd890c
a97654ff76e728477322fabe6e801afca746d6bf9dce84a2e899611d9552cb27
a9ad0672070e2f26c3020e73e61bd3cd5933f212e5b3415c437e812ad8a48c7c
aaaa1d783f36dff46a412bf91c9a9eaef414003bf260b99742ca146022dd267b
ad8333e00c20730c78d34f5e484d811bd36f722ec7fc215ee1951b7bca92d082
b0e6994533100c38112c06ce515d8131e150984f6812a8461c108229800c9f19
b5f27a3234c41b28b5ed7cf5318473947cb43084be94bec9bc333735b4ecebf6
b93902cedf73d71ca7065b460432f3b5486475c653f2b3a20c61a4f5d619b0ad
ba456919b89dda7736673879fe55e125da4fa378f17efb0138826072444b8b85
bb3cfdede9cb3f1986c4abc23f1a80797f1d0d3e80a8e1efc59c73b111cbe6ff
bd7a486362a1cd2f72a7d806da505186aabb5285b980c0c23f6ed36e8c3943db
bf71b5fd93b82c8bad9327eaf764dc0ba6273ab941645e6c2092769421fe464e
c29f3550bdc9d520a112a8c58812ec9c3a531ae4a102484d67b1e493ab33173f
c45ad89dd5f3584d28986e653cf6c5cf728a42f373489a442dd40e4e0b956ce9
c59adfdcbb787e284dd79e5ca3b01762a4c233bfd1c19b6ad285f502c1be97a2
c5e621a235d32aa4f4d922ad3e4741ec68fbafc122127ba6fbb5e4c4d9ca68b0
c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e
d0211e0015fe2937e3e65ad2d1278438a16a768a7b8f09cf6205d257494fb2db
d303990a80759bab04ca9fd056cf9393e66cbdc34cce54fdcc15af6cb9034867
d856e3ae57e5363655e3827e206a5cfccb649fbb7396e1e23e97a44c03ecce17
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df8cd21a27b100aeb75454d0c4cb04bbf5d1cc54676cc35718189bf07b774000
e11a8e30f084e4b10f3f78b66bfa7e780f5ac166373e049041810ef717c94fe7
e18231b54e5c8c0c96e385419788d5388577cfe3ae34dc97c8072b4910ba980c
e2302dddf06a51745460e085adf28bcef196f780e3ebbd679282122a781e659f
e23b3f4759539511b3a3b8b26448d60769832ab18c09514501d3dd6741164212
e23fe6a6a5d9998a759442e8e5c716797a32282f8de163fce97c656408682bef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4dfc7bcdaf19260c488bd1f5c7787e3915ade82c2c04e0bab89cb795da92485
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06e519432f00349be1b5c077fa6806f7504c4c53fd41393d1597715bc236dab
f1622177535e942e41ef3be1f8d5fe4a166c380437a8894a189efac371853981
f1e850e50c4c6cb0488526bdc92513b96d3742536c8e2d6a75fc6e98473f1d6b
f32dba68b6f145f437f1e94f2dd110a498d610588229e3d9df8ef9fee1c25a1f
f358f0f9c5b5b9b524d5aeffba38e3e552105cb34ac15bbbee0f35b96a4fa186
f7d576a726f89a64a89b6c54f831bb9cc34386a50463fa4727ad54fef691f27c
f857ea2921f89d79218dbba7ac06e1159522757cd06a77f282e2652035e890b4
fa3d939cc54d19190dcd649af77411ecb671b9511def19acceed663d3c149693
fb44f5fdd8085bddf74fe1355b7008c8f51ec40436a7cd0231fb0ec09466a635
fbcb66ed67cb008d855d5a75e3bd2b5c7c6cbd21688ce5cc47112032f54cd269
fbebc879d57a62cbacc7bdb8e072fe9d6eb40f891abce54ac6db2ede231792e9

itworks.com Open in urlscan Pro 2606:4700::6812:8b8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

156 Requests

95 %HTTPS

50 %IPv6

16 Domains

24 Subdomains

21 IPs

4 Countries

3747 kBTransfer

8248 kBSize

10 Cookies

8 Outgoing links

Page URL History

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

itworks.com Open in urlscan Pro
2606:4700::6812:8b8 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

95 %
HTTPS

50 %
IPv6

16
Domains

24
Subdomains

21
IPs

4
Countries

3747 kB
Transfer

8248 kB
Size

10
Cookies

156 HTTP transactions
0 data transactions